2 matches found
CVE-2007-2486
Directory traversal vulnerability in download.asp in Motobit 1.3 and 1.5 aka PStruh-CZ allows remote attackers to read arbitrary files via a .. dot dot in the File parameter...
CVE-2007-2486
The CVE-2007-2486 entry describes a directory traversal vulnerability in Motobit (aka PStruh-CZ) using the file parameter of download.asp. Affected versions are Motobit 1.3 and 1.5 . The root cause is improper handling of the File parameter, enabling an attacker to read arbitrary files via a “..”...