CVE-2007-6621 Information

Description

Directory traversal vulnerability in joovili.images.php in Joovili 3.0.0 through 3.0.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the picture parameter.

Reference

http://osvdb.org/39666 http://secunia.com/advisories/28231 http://www.securityfocus.com/bid/27056 https://www.exploit-db.com/exploits/4799