CVE-2007-6378

Publication date

2007-12-15 01:00:00

Family

mitre

State

PUBLISHED

Description

Directory traversal vulnerability in upload.dll in BadBlue 2.72b and earlier allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the filename parameter.