VYPR

Fd Script

by Vlad Leont

CVEs (1)

  • CVE-2007-0620Jan 31, 2007
    risk 0.03cvss epss 0.04

    download.php in FD Script 1.3.2 and earlier allows remote attackers to read source of files under the web document root with certain extensions, including .php, via a relative pathname in the fname parameter, as demonstrated by downloading config.php.