Kers0R

**Name of the Vulnerable Software and Affected Versions** EditTag version 1.1 **Description** A directory traversal issue exists, allowing remote attackers to read arbitrary files. This is achieved by using a "%2F.." (encoded slash dot dot) in the `file` parameter. **Recommendations** For EditTag version 1.1, consider restricting access to the edittag.cgi script until a patch is available, or avoid using the `file` parameter with encoded slash dot dot sequences to minimize the risk of exploitation.