CVE-2007-0098
CVE-2007-0098 describes a directory-traversal in VerliAdmin ≤0.3 where an attacker can trigger local file inclusion by manipulating the lang cookie (via ..) when magic_quotes_gpc is disabled. The exploit can inject PHP sequences into Apache log files which are later included by language.php, enab...