2007-03-27 01:00:00
mitre
PUBLISHED
download.php in Philex 0.2.3 and earlier allows remote attackers to read arbitrary files and source code, and obtain sensitive information via the file parameter.