Directory traversal vulnerability in AspUpload 2.1, in certain configurations, allows remote attackers to upload and read arbitrary files, and list arbitrary directories, via a .. (dot dot) in the Filename parameter in (1) UploadScript11.asp or (2) DirectoryListing.asp.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Aspupload | Persits | 2.1 (including) | 2.1 (including) |