CVE-2006-4651 — Directory traversal vulnerability in download/index.php, and possibly download.php, in threesquared.net (aka Ben Speakman) Php download allows remote attackers to overwrite arbitrary local files via . — CVE Database · The Intelligence Room