• info
• discussion
• exploit
• solution
• references

Ezfactory Download Cgi CVE-2007-3692 Directory Traversal Vulnerability

Ezfactory Download Cgi is prone to a directory traversal vulnerability. Directory traversal vulnerability in download.cgi in EZFactory KDDI Download CGI 1.x allows remote attackers to read and download arbitrary files via a .. (dot dot) in the name parameter.