Directory traversal vulnerability in store.cgi in Thinking Arts ES.One package allows remote attackers to read arbitrary files via a .. (dot dot) in the StartID parameter.
Link | Tags |
---|---|
http://archives.neohapsis.com/archives/bugtraq/2001-02/0324.html | mailing list exploit vendor advisory |
http://www.securityfocus.com/bid/2385 | exploit vdb entry vendor advisory |