CVE-2010-1110

Directory traversal vulnerability in index.php in phpMySport 1.4 allows remote attackers to list arbitrary directories via a .. (dot dot) in the current_folder parameter.

Date published : 2010-03-25

http://www.securityfocus.com/bid/37856

http://packetstormsecurity.org/1001-exploits/phpmysport-sqlaccess.txt