CVE-2004-1427
KorWeblog PHP remote file inclusion vulnerability (CVE-2004-1427) affects 1.6.2-cvs and earlier. The flaw is in main.inc via G_PATH, enabling remote code execution when a URL on a remote server is loaded, demonstrated by using .. sequences in the lng parameter to load main.inc. The CVSS vector (A...