CVE-2000-1176 Information

Description

Directory traversal vulnerability in YaBB search.pl CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack in the \catsearch\ form field.

Reference

http://archives.neohapsis.com/archives/bugtraq/2000-11/0110.html http://www.securityfocus.com/bid/1921