{
  "modified": "2025-04-09T00:30:58Z",
  "published": "2009-06-22T20:30:00Z",
  "id": "CVE-2009-2166",
  "details": "Absolute path traversal vulnerability in cvs.php in OCS Inventory NG before 1.02.1 on Unix allows remote attackers to read arbitrary files via a full pathname in the log parameter.",
  "references": [
    {
      "type": "EVIDENCE",
      "url": "http://www.leidecker.info/advisories/2009-05-30-ocs_inventory_ng_directory_traversal.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/504047/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50946"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/8868"
    }
  ]
}