CVE-2006-4651

Directory traversal vulnerability in download/index.php, and possibly download.php, in threesquared.net (aka Ben Speakman) Php download allows remote attackers to overwrite arbitrary local files via .. (dot dot) sequence in the file parameter.

Date published : 2006-09-08

http://www.securityfocus.com/bid/19872

http://www.securityfocus.com/archive/1/445269/100/0/threaded