CVE-2015-2071

Directory traversal vulnerability in cm/newui/blog/export.jsp in eTouch SamePage Enterprise Edition 4.4.0.0.239 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the filepath parameter.

Date published : 2015-02-24

http://www.securityfocus.com/bid/74887

http://www.exploit-db.com/exploits/36089