CVE-2008-6290
CVE-2008-6290 describes a directory traversal in includefile.php of nicLOR Sito. When register_globals is enabled or magic_quotes_gpc is disabled, remote attackers can cause local file inclusion via a ".." in the page_file parameter. The vulnerability can affect confidentiality, integrity, and av...