PT-2007-3757 · Imageview · Imageview
Dnx · Published 2007-05-02 · Updated 2017-10-11 · CVE-2007-2425
CVSS v2.0: 5.0 (Medium)
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Imageview version 5.3
Description
A directory traversal issue exists, allowing remote attackers to read arbitrary files. This is achieved by using a .. (dot dot) in the album parameter of the fileview.php file.
Recommendations
For Imageview version 5.3, consider restricting access to the fileview.php file until a patch is available, or apply configuration changes to prevent directory traversal attacks, such as validating and sanitizing user input for the album parameter.
Affected products
Imageview