CVE-2009-2600

Description

Multiple directory traversal vulnerabilities in view.php in Webboard 2.90 beta and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the topic parameter.

Affected products

• akiva / webboard2.90

References

• EXPLOIThttp://www.exploit-db.com/exploits/8823
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/50861