Directory traversal

Multiple directory traversal vulnerabilities in 2532designs 2532|Gigs 1.2.2 Stable, when registerglobals is enabled and magicquotesgpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter to 1 settings.php, 2 deleteuser.php, 3...