CVE-2006-4260 Information

Description

Directory traversal vulnerability in index.php in Fotopholder 1.8 allows remote attackers to read arbitrary directories or files via a .. (dot dot) in the path parameter.

Reference

http://archives.neohapsis.com/archives/bugtraq/2006-08/0316.html http://securityreason.com/securityalert/1421 http://securitytracker.com/id?1016702 http://www.osvdb.org/28243 https://exchange.xforce.ibmcloud.com/vulnerabilities/28398 https://exchange.xforce.ibmcloud.com/vulnerabilities/28399