CVE-2007-1042
CVE-2007-1042 affects Xpression News (X-News) 1.0.1. A directory traversal vulnerability in news.php allows remote attackers to include arbitrary files or read sensitive information via the xnews-template parameter when magic_quotes_gpc is disabled. The underlying issue is path traversal (dot-dot...