Directory traversal vulnerability in Lionel Reyero DirectContact 0.3b allows remote malicious users to read arbitrary files via a .. (dot dot) in the URL.
source: wwwsecurityfocuscom/bid/16849/info
DirectContact is prone to a directory-traversal vulnerability This issue is due to a failure in the application to properly sanitize user-supplied input
An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the affected application ...