cpe:/a:tufat:mybackup:1.4.0 CVE-2009-4978 2010-08-25T16:00:13.627-04:00 2017-09-18T21:30:08.330-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2010-08-25T16:32:00.000-04:00 SECUNIA 36106 EXPLOIT-DB 9365 VUPEN ADV-2009-2165 Directory traversal vulnerability in down.php in MyBackup 1.4.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.