CVE-2007-3942
SMF 1.1.3 is affected by a directory traversal issue in index.php that could allow remote inclusion of local files via the sourcedir parameter or the actionArray hash. The root cause is unclear in some sources, as CVE notes that sourcedir and actionArray are defined before use and disputes exist ...