CVE-2009-4960

Publication date

2010-07-27 18:39:00

Family

mitre

State

PUBLISHED

Description

Directory traversal vulnerability in modules/backup/download.php in Lanai Core 0.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter.