CVE-2008-0479 Information

Description

Directory traversal vulnerability in RTE_file_browser.asp in Web Wiz NewsPad 1.02 allows remote attackers to list arbitrary directories and .txt and .zip files via a …..\\\ in the sub parameter.

Reference

http://secunia.com/advisories/28416 http://securityreason.com/securityalert/3588 http://www.bugreport.ir/?/30 http://www.securityfocus.com/archive/1/486869/100/0/threaded http://www.securityfocus.com/bid/27419 http://www.securitytracker.com/id?1019268 http://www.webwizguide.com/webwiznewspad/kb/release_notes.asp https://exchange.xforce.ibmcloud.com/vulnerabilities/39863 https://www.exploit-db.com/exploits/4972