CVE-2009-2223

Directory traversal vulnerability in locms/smarty.php in LightOpenCMS 0.1 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the cwd parameter. NOTE: remote file inclusion attacks may be possible...