uni-konstanz.de subdomain, arbitrary file download

[b4mbi () Safe-mail net]

Hi,
there is a arbitrary file download vulnerability in the University Konstanz Website.
Vulnerable link: http://www.wiwi.uni-konstanz.de/index.php?eID=tx_nawsecuredl&u=0&file=[ File here! ]

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/