EDB-4704webappsphpVERIFIED

PolDoc CMS 0.96 - 'download_file.php' File Disclosure

GoLd_M12/8/2007

View on Exploit-DB View Source on GitLab

AI AnalysisPowered by AI

Exploit Code

Exploit code not available in database

View Source on GitLab

Related CVEs (1)

CVE-2007-6400

NONE

Directory traversal vulnerability in download_file.php in PolDoc CMS (aka PDDMS) 0.96 allows remote attackers to read arbitrary files via a .. (dot dot) or absolute pathname in the filename parameter.

Directory traversal vulnerability in download_file.php in PolDoc CMS (aka PDDMS) 0.96 allows remote attackers to read arbitrary files via a .. (dot dot) or absolute pathname in the filename parameter.

12/17/2007CWE-22