CVE-2007-1152 Information

Description

Multiple directory traversal vulnerabilities in Pyrophobia 2.1.3.1 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) act or (2) pid parameter to the top-level URI (index.php) or the (3) action parameter to admin/index.php. NOTE: some of these details are obtained from third party information.

Reference

http://osvdb.org/37398 http://www.securityfocus.com/bid/22667 http://www.securityfocus.com/bid/33861 https://www.exploit-db.com/exploits/8095