CVE-2007-0118 Information

Description

Multiple absolute path traversal vulnerabilities in EditTag 1.2 allow remote attackers to read arbitrary files via an absolute pathname in the file parameter to (1) edittag.cgi (2) edittag.pl (3) edittag_mp.cgi or (4) edittag_mp.pl.

Reference

http://osvdb.org/33393 http://osvdb.org/33394 http://osvdb.org/33395 http://osvdb.org/33396 http://secunia.com/advisories/7950 http://www.securityfocus.com/archive/1/456055/100/0/threaded http://www.securityfocus.com/bid/21890