CVE-2010-1115

Directory traversal vulnerability in news/include/customize.php in Web Server Creator – Web Portal 0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the l parameter.

Date published : 2010-03-25

http://www.securityfocus.com/bid/37841

http://www.packetstormsecurity.com/1001-exploits/webservercreator-traversalxssrfi.txt