CVE-2007-6620 Information

Description

Directory traversal vulnerability in include/images.inc.php in Joovili 2.x allows remote attackers to read arbitrary files via a .. (dot dot) in the picture parameter.

Reference

http://osvdb.org/40153 http://secunia.com/advisories/28231 http://www.securityfocus.com/bid/27056 https://www.exploit-db.com/exploits/4799