CVE-2006-4651

Name of the Vulnerable Software and Affected Versions threesquared.net (aka Ben Speakman) Php download (affected versions not specified)

Description The issue concerns a directory traversal vulnerability. This vulnerability allows remote attackers to overwrite arbitrary local files by using .. (dot dot) sequences in the file parameter of the download/index.php and possibly download.php scripts.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.