CVE-2010-1059
The CVE concerns Phpkobo Address Book Script 1.09, where a directory traversal flaw in staff/app/common.inc.php can be exploited when magic_quotes_gpc is disabled. An attacker can include and execute arbitrary local files by manipulating the LANG_CODE parameter, enabling at least partial impact t...