Directory traversal vulnerability in downloadpic.php in Beryo 2.0, and possibly other versions including 2.4, allows remote attackers to read arbitrary files via a .. (dot dot) in the chemin parameter.
Publication date: Wed, 11 Apr 2007 04:19:00 +0000