• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

DownloadProtect Download.PHP Directory Traversal Vulnerability

DownloadProtect is affected by a directory traversal vulnerability. This issue is due to a failure in the application to properly sanitize input. The problem presents itself in the 'download.php' script via the 'file' parameter.

This issue is reported to affect DownloadProtect versions 1.0.2b and prior.