CVE-2008-0813

2008-02-19T02:00:00
ID CVE-2008-0813
Type cve
Reporter cve@mitre.org
Modified 2017-09-29T01:30:00

Description

Directory traversal vulnerability in Download.php in XPWeb 3.0.1, 3.3.2, and possibly other versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter.