cpe:/a:wonko:notftp:1.3.1 CVE-2009-1407 2009-04-24T10:30:00.377-04:00 2017-09-28T21:34:22.137-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-04-24T13:05:00.000-04:00 ALLOWS_OTHER_ACCESS BID 34636 EXPLOIT-DB 8504 XF notftp-config-file-include(49988) Directory traversal vulnerability in config.php in NotFTP 1.3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in a certain languages[][file] parameter.