2006-12-29 11:00:00
mitre
PUBLISHED
Directory traversal vulnerability in FolderManager/FolderManager.aspx in Hosting Controller 7c allows remote authenticated users to read and modify arbitrary files, and list arbitrary directories via .. (dot dot backslash) sequences in the BrowsePath parameter.