CVE-2008-4662

2008-10-22T02:10:00
ID CVE-2008-4662
Type cve
Reporter cve@mitre.org
Modified 2018-10-11T20:52:00

Description

Directory traversal vulnerability in admin.php in LokiCMS 0.3.4, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter.