2 matches found
CVE-2008-2969
Directory traversal vulnerability in download.php in Academic Web Tools AWT YEKTA 1.4.3.1, and 1.4.2.8 and earlier, allows remote attackers to read arbitrary files via a .. dot dot in the dfile parameter...
CVE-2008-2969
The CVE-2008-2969 entry concerns a directory traversal vulnerability in Academic Web Tools (AWT YEKTA) versions 1.4.3.1 and 1.4.2.8 (and earlier). The underlying issue is that the dfile parameter can be manipulated with a .. (dot dot) path segment in download.php, allowing remote attackers to rea...