2007-06-12 02:00:00
mitre
PUBLISHED
download_script.asp in ASP Folder Gallery allows remote attackers to read arbitrary files via a filename in the file parameter.