CVE-2006-6814 Information

Description

Directory traversal vulnerability in FolderManager/FolderManager.aspx in Hosting Controller 7c allows remote authenticated users to read and modify arbitrary files and list arbitrary directories via ..\ (dot dot backslash) sequences in the BrowsePath parameter.

Reference

http://secunia.com/advisories/23585 http://securitytracker.com/id?1017447 http://www.kapda.ir/advisory-458.html http://www.securityfocus.com/bid/21786 http://www.vupen.com/english/advisories/2007/0023