CVE-2010-1115 Information

Description

Directory traversal vulnerability in news/include/customize.php in Web Server Creator - Web Portal 0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the l parameter.

Reference

http://www.packetstormsecurity.com/1001-exploits/webservercreator-traversalxssrfi.txt http://www.securityfocus.com/bid/37841 https://exchange.xforce.ibmcloud.com/vulnerabilities/55725