CVE
2009-3150
Public CVE-2009-3150 disclosure
Directory traversal vulnerability in actions/downloadFile.php in Ultrize TimeSheet 1.2.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the fileName parameter.
Link not working? No problem! With VULNMAP you always have guaranteed access to security information thanks to reliable backups.
Our backup links ensure that critical data remains always available, even in case of unavailability of original sites.