2 matches found
CVE-2007-3096
Directory traversal vulnerability in login.php in PBLang PBL 4.67.16.a and earlier, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the lang parameter...
CVE-2007-3096
PBLang up to version 4.67.16.a is affected by a directory traversal/local file inclusion in login.php, exploitable via the lang parameter when magic_quotes_gpc is disabled. An unauthenticated, remote attacker could cause the server to include and potentially execute local PHP files, subject to we...