Directory traversal vulnerability in edit.php in pheap allows remote malicious users to read and modify arbitrary files via a .. (dot dot) in the filename parameter.
source: wwwsecurityfocuscom/bid/22670/info
Pheap is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input
An attacker can exploit this vulnerability to retrieve and edit the contents of arbitrary files from the vulnerable system in the context of the affected application
wwwexa ...