Description
Directory traversal vulnerability in Avi Alkalay contribute.cgi (aka contribute.pl), dated 16 Jun 2002, allows remote attackers to overwrite arbitrary files via ".." sequences in the contribdir variable.
Affected products
- avi_alkalay / contribute.cgi16_jun_2002 – 16_jun_2002
References
- VENDOR_ADVISORYhttp://www.cirt.net/advisories/alkalay.shtml
- MISChttp://www.osvdb.org/19522