CVE-2006-1224

Publication date

2006-03-14 11:00:00

Family

mitre

State

PUBLISHED

Description

Directory traversal vulnerability in dwnld.php in GuppY 4.5.11 allows remote attackers to overwrite arbitrary files via a "%2E." (mixed encoding) in the pg parameter.