cpe:/a:magnoware:datatrack_system:3.5 CVE-2010-2079 2010-05-25T18:30:02.470-04:00 2017-08-16T21:32:36.557-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2010-05-26T13:54:00.000-04:00 XF datatrack-backslash-info-disc(58735) MISC http://cross-site-scripting.blogspot.com/2010/05/datatrack-system-35-persistent-xss.html MISC http://packetstormsecurity.org/1005-exploits/datatrackserver35-xss.txt DataTrack System 3.5 allows remote attackers to bypass intended restrictions on file extensions, and read arbitrary files, via a trailing backslash in a URI, as demonstrated by (1) web.config\ and (2) .ascx\ files.