CVE-2007-5253
Cart32 (shopping cart app) vulnerability CVE-2007-5253 affects the GetImage function in c32web.exe prior to Cart32 6.4. An attacker can read arbitrary files by supplying an ImageName parameter that appends a NULL byte then a file extension (e.g., ".txt%00.gif"), potentially enabling directory tra...