CVE-2006-7080
Summary: CVE-2006-7080 affects exV2 versions up to 2.0.4.3, where the avatar upload feature is vulnerable to a directory traversal via the old_avatar parameter. Attacker-controlled ".." sequences can be used to delete arbitrary files on the server. The vulnerability is categorized with a CVSS v2 ...