Dyshoo

1 exploit Active since Feb 2009
CVE-2008-6288 EXPLOITDB text WORKING POC
Interface Medien ibase < 2.03 - Path Traversal via Download Filename Parameter
Directory traversal vulnerability in download.php in Interface Medien ibase 2.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.