CVE-2009-2224
CVE-2009-2224 describes a Local File Inclusion (LFI) in AN Guestbook 0.7.8 via a directory-traversal flaw in ang/shared/flags.php when register_globals is enabled. The issue allows reading arbitrary files by supplying .. in the g_lang parameter. Affected software is AN Guestbook (version 0.7.8); ...