2 matches found
CVE-2009-4986
Directory traversal vulnerability in index.php in In-Portal 4.3.1, when magicquotesgpc is disabled, allows remote attackers to read arbitrary files via a .. dot dot in the env parameter...
CVE-2009-4986
Affected software: In-Portal 4.3.1. Description confirms a directory traversal vulnerability in index.php that allows remote attackers to read arbitrary files by supplying a ".." path in the env parameter when magic_quotes_gpc is disabled. This is the only clearly stated vulnerability mechanism i...