LocalWEB2000 is subject to a directory traversal. Requesting a specially crafted HTTP request with a known filename will enable an attacker to gain read access to the requested file.
LocalWEB2000 contains a flaw that allows a remote attacker to read files outside of the web path. The issue is due to the program not properly sanitizing user input, specifically traversal style attacks (../../) supplied via URL requests.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue. The product is no longer supported by the vendor.