Directory traversal vulnerability in script/cat_for_aff.php in Netref 4 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the ad_direct parameter.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Netref |
Netref |
4 (including) |
4 (including) |
References