CVE-2007-0620
CVE-2007-0620 affects FD Script prior to or including 1.3.2. The vulnerability exists in download.php, where a relative pathname supplied by the fname parameter can cause the web server to disclose source files under the document root (e.g., config.php) with certain extensions (including .php). T...