6.8 Medium
AI Score
Confidence
High
0.013 Low
EPSS
Percentile
86.0%
Directory traversal vulnerability in download/index.php, and possibly download.php, in threesquared.net (aka Ben Speakman) Php download allows remote attackers to overwrite arbitrary local files via … (dot dot) sequence in the file parameter.
secunia.com/advisories/21774
securityreason.com/securityalert/1528
www.securityfocus.com/archive/1/445269/100/0/threaded
www.securityfocus.com/bid/19872
www.vupen.com/english/advisories/2006/3479
exchange.xforce.ibmcloud.com/vulnerabilities/28751