CVE-2008-6074

Directory traversal vulnerability in frame.php in phpcrs 2.06 and earlier, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the importFunction parameter...