Directory traversal vulnerability in upload/bin/download.php in Upload Tool for PHP 1.0 allows remote attackers to read arbitrary files via (1) ".." sequences or (2) absolute pathnames in the filename parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.028
EPSS Ranking 84.5%