CVE-2009-0735
25.02.2009, 20:30
Directory traversal vulnerability in lib/classes/message_class.php in Papoo CMS 3.6, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to read and possibly execute arbitrary files via a .. (dot dot) in the pfadhier parameter. NOTE: some of these details are obtained from third party information.
Vendor | Product | Version |
---|---|---|
papoo | papoo | 3.6 |
𝑥
= Vulnerable software versions