Directory traversal vulnerability in Download.php in XPWeb 3.0.1, 3.3.2, and possibly other versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter.
Max CVSS
5.0
EPSS Score
1.74%
Published
2008-02-19
Updated
2017-09-29
1 vulnerabilities found