CVE-2007-3158

download_script.asp in ASP Folder Gallery allows remote attackers to read arbitrary files via a filename in the file parameter.

Date published : 2007-06-11

http://www.securityfocus.com/bid/24345

http://www.securityfocus.com/archive/1/470667/100/0/threaded