Directory traversal
Multiple directory traversal vulnerabilities in e-Vision CMS 2.0.2 and earlier, when magicquotesgpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. dot dot in 1 an adminlang cookie to admin/index.php; or the module parameter to 2...