cpe:/a:jesse-web:jmweb_mp3_music_audio_search_and_download_script CVE-2008-4522 2008-10-09T14:14:15.107-04:00 2017-09-28T21:32:12.273-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-10-10T09:48:00.000-04:00 ALLOWS_OTHER_ACCESS BID 31573 SECUNIA 32141 SREASON 4386 EXPLOIT-DB 6669 XF jmweb-mp3-src-file-include(45672) Multiple directory traversal vulnerabilities in JMweb MP3 Music Audio Search and Download Script allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the src parameter to (1) listen.php and (2) download.php.