cpe:/a:salvo_g._tomaselli:weborf:0.3 cpe:/a:salvo_g._tomaselli:weborf:0.4 cpe:/a:salvo_g._tomaselli:weborf:0.5 cpe:/a:salvo_g._tomaselli:weborf:0.6 cpe:/a:salvo_g._tomaselli:weborf:0.7 cpe:/a:salvo_g._tomaselli:weborf:0.8 cpe:/a:salvo_g._tomaselli:weborf:0.9 cpe:/a:salvo_g._tomaselli:weborf:0.10 cpe:/a:salvo_g._tomaselli:weborf:0.11 cpe:/a:salvo_g._tomaselli:weborf:0.12 cpe:/a:salvo_g._tomaselli:weborf:0.12.1 cpe:/a:salvo_g._tomaselli:weborf:0.12.2 CVE-2010-3306 2010-09-24T15:00:06.323-04:00 2010-09-27T00:00:00.000-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2010-09-27T15:50:00.000-04:00 EXPLOIT-DB 14925 SECUNIA 41286 OSVDB 67840 MLIST [oss-security] 20100916 CVE request: weborf: directory traversal MLIST [oss-security] 20100917 Re: CVE request: weborf: directory traversal CONFIRM http://code.google.com/p/weborf/source/detail?r=464 CONFIRM http://galileo.dmi.unict.it/wiki/weborf/doku.php?id=news:released_0.12.3 Directory traversal vulnerability in the modURL function in instance.c in Weborf before 0.12.3 allows remote attackers to read arbitrary files via ..%2f sequences in a URI.