Mathopd versions 1.5p7 and below suffer from a directory traversal vulnerability.
b6966987c8121ec3ba1d4cee64e0611aa7630b447ac6b3b6a8d04a5616ccb7b8
Hi,
Mathopd - Security Alerts
Directory Traversal Vulnerability
Reported: 2 February 2012
Older versions of the software have a vulnerability that could lead to
directory traversal if the '*' construct for mass virtual hosting is used.
Affected: all 1.4 versions, all 1.5 versions up to 1.5p7.
Fixed in: Mathopd 1.5p7
http://www.mathopd.org/security.html
http://www.mail-archive.com/mathopd%40mathopd.org/msg00392.html