CVE-2007-4180
Affects Pluck 4.3: directory traversal in data/inc/theme.php via the file parameter (..), exploitable when register_globals is enabled. The claim is that remote reading of local files is possible, but the note across sources indicates this vulnerability is disputed because the code uses a fixed a...