CVE-2009-0735
The vulnerability CVE-2009-0735 affects Papoo CMS 3.6, specifically in lib/classes/message_class.php. When register_globals is enabled and magic_quotes_gpc is disabled, a directory traversal via the pfadhier parameter (.. path) can allow remote attackers to read, and possibly execute, arbitrary f...