CVE-2008-2459
CVE-2008-2459 affects EntertainmentScript 1.4.0, where the vulnerable component is page.php. A directory traversal via the page parameter enables remote attackers to include and execute arbitrary local files. Root cause is a directory traversal flaw in the input handling of the page parameter. Im...