2 matches found
CVE-2007-6621
Directory traversal vulnerability in joovili.images.php in Joovili 3.0.0 through 3.0.6 allows remote attackers to read arbitrary files via a .. dot dot in the picture parameter...
CVE-2007-6621
Joovili 3.0.0–3.0.6 is affected by a directory traversal flaw in joovili.images.php that allows remote attackers to read arbitrary files via a .. sequence in the picture parameter. The underlying cause is improper handling of the picture input, enabling file reads outside the web root. Impact is ...