CVE-2006-1789
PAJAX 0.5.1 and earlier expose a directory traversal vulnerability in pajax_call_dispatcher.php that lets an unauthenticated attacker read arbitrary files via the $className variable. This issue is corroborated across multiple sources (NVD/Nessus, CVE-2006-1789). The Nessus plugin explicitly grou...