2 matches found
CVE-2007-2659
Directory traversal vulnerability in index.php in PHP Advanced Transfer Manager phpATM 1.30 allows remote attackers to read arbitrary files and obtain script source code via a .. dot dot in the directory parameter in a downloadfile action...
CVE-2007-2659
CVE-2007-2659 describes a directory traversal vulnerability in PHP Advanced Transfer Manager (phpATM) v1.30. The flaw is in the index.php file, in the downloadfile action, where an attacker can manipulate the directory parameter using ".." to access arbitrary files, potentially exposing script so...