CVE-2010-0967

Multiple directory traversal vulnerabilities in Geekhelps ADMP 1.01, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the style parameter to (1) colorvoid/footer.php, (2) default-green/footer.php, (3) default-orange/footer.php, and (4) default/footer.php in themes/.  NOTE: some of these details are obtained from third party information.
Path Traversal
Severity
UNKNOWN
AV:N/AC:H/Au:N/C:P/I:P/A:P
Atk. Vector
NETWORK
Atk. Complexity
HIGH