CVE-2009-2166
CVE-2009-2166 affects OCS Inventory NG: cvs.php information disclosure vulnerability that allows an attacker to read arbitrary files on Unix systems by supplying a full pathname in the log parameter, due to an absolute path traversal issue. Affected version: before 1.02.1. Root cause: improper ha...