The vulnerability of the iclock interface on the BioTime web-based time tracking platform allows a violator to gain access to read any arbitrary files.

The vulnerability of the iclock interface on the BioTime time tracking management web platform is related to errors in processing the relative path to the catalog. Exploiting this vulnerability can allow an attacker operating remotely to gain read access to arbitrary files...