cpe:/a:idmos:idmos_cms:1.0 CVE-2008-0431 2008-01-23T17:00:00.000-05:00 2017-09-28T21:30:16.893-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2008-01-24T10:21:00.000-05:00 BID 27379 SECUNIA 28436 EXPLOIT-DB 4954 VUPEN ADV-2008-0229 XF idmos-download-directory-traversal(39823) Directory traversal vulnerability in administrator/download.php in IDMOS (aka Phoenix) 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the fileName parameter.