CVE-2014-9452

Directory traversal vulnerability in VDG Security SENSE (formerly DIVA) 2.3.13 allows remote attackers to read arbitrary files via a .. (dot dot) in the default URI to images/.

Date published : 2015-01-02

http://www.securityfocus.com/bid/71736

http://seclists.org/fulldisclosure/2014/Dec/76