MetaProducts Offline Explorer Directory Traversal Vulnerability
MetaProducts Offline Explorer is an application that allows a user to download the contents of a website or FTP site for offline browsing at a later time.
It is possible to view known files on a system Offline Explorer resides on. By default, Offline Explorer listens on port 800. A remote user may retrieve the contents of known files without any authorization whatsoever by performing a GET request and implementing the double dot "../..\" directory traversal technique.