2 matches found
CVE-2008-6139
CVE-2008-6139 describes a directory traversal vulnerability in WebBiscuits Modules Controller 1.1, where the download parameter in faqsupport/wce.download.php can be manipulated with .. to read arbitrary files. Supported by NVD/NIST records and multiple references; exploitation details are not de...
CVE-2008-6139
Directory traversal vulnerability in faqsupport/wce.download.php in WebBiscuits Modules Controller 1.1 allows remote attackers to read arbitrary files via a .. dot dot in the download parameter...