CVE-2009-0340
CVE-2009-0340 affects Simple PHP Newsletter 1.5. Multiple directory traversal vulnerabilities allow remote attackers to read arbitrary files via a ".." in the olang parameter to (1) mail.php and (2) mailbar.php. Root cause: improper validation of the olang parameter enables path traversal. Impact...