CVE-2009-0722

2009-02-24T18:30:00
ID CVE-2009-0722
Type cve
Reporter cve@mitre.org
Modified 2017-09-29T01:33:00

Description

Directory traversal vulnerability in admin.php in Potato News 1.0.0 allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the user cookie parameter.