CVE-2008-3675
The CVE-2008-3675 entry concerns a directory traversal in Gelato 0.95. Affected component: classes/imgsize.php (Gelato 0.95). Vulnerable input: the img parameter, where attackers can supply ../ or full pathnames to read arbitrary files on the server. Impact is read access to arbitrary local files...