Directory traversal

Multiple directory traversal vulnerabilities in ErfurtWiki R1.02b and earlier, when registerglobals is enabled, allow remote attackers to include and execute arbitrary local files via a .. dot dot in the 1 ewikiid and 2 ewikiaction parameters to fragments/css.php, and possibly the 3 id parameter ...