CVE-2009-3123 Information

Description

Directory traversal vulnerability in gallery/gallery.php in Wap-Motor before 18.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the image parameter.

Reference

http://osvdb.org/57426 http://packetstormsecurity.org/0908-exploits/wapmotor-lfi.txt http://secunia.com/advisories/36416 https://exchange.xforce.ibmcloud.com/vulnerabilities/52810