CVE-2007-6378

Publication date

2007-12-15 06:00:00

Family

mitre

State

PUBLISHED

Description

Directory traversal vulnerability in upload.dll in BadBlue 2.72b and earlier allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the filename parameter.