Vulnerabilities

CVE-2006-6513

by Fred · 13/12/2006

The CControl::Download function (/dl URI) in Winamp Web Interface (Wawi) 7.5.13 and earlier allows remote authenticated users to download arbitrary file types under the root via a trailing "." (dot) in a filename in the file parameter, related to erroneous behavior of the IsWinampFile function.

Date published : 2006-12-13

http://www.securityfocus.com/bid/21539

http://www.securityfocus.com/archive/1/454059/100/0/threaded

Similar

Tags: Cybersecurity Alert