2007-06-11 22:00:00
mitre
PUBLISHED
download_script.asp in ASP Folder Gallery allows remote attackers to read arbitrary files via a filename in the file parameter.