CVE-2008-2969 Information
Feb 14, 2021
cve
Description
Directory traversal vulnerability in download.php in Academic Web Tools (AWT YEKTA) 1.4.3.1 and 1.4.2.8 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the dfile parameter.
Reference
http://securityreason.com/securityalert/3959 http://www.bugreport.ir/?/44 http://www.securityfocus.com/archive/1/493472/100/0/threaded http://www.securityfocus.com/bid/29813 https://exchange.xforce.ibmcloud.com/vulnerabilities/43175
Share on: