CVE-2007-2503
PHP Turbulence 0.0.1 alpha is affected by a directory-traversal in turbulence.php via GLOBALS[tcore], allowing potential local file inclusion/execution. The issue stems from using a dot-dot path, with a note that a direct request to user/turbulence.php may trigger a fatal error before inclusion. ...