CVE-2008-1651
EasyNews 4.0 admin/login.php is affected by a directory traversal vulnerability. An attacker can supply a ".." in the lang parameter to include and execute local files, enabling remote code execution. CVSS v2 base score 7.5 (HIGH); network access, no authentication, partial impact on confidential...