2 matches found
CVE-2008-3194
Multiple directory traversal vulnerabilities in data/inc/themes/predefinedvariables.php in pluck 4.5.1 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the 1 langpref, 2 file, 3 blogpost, or 4 cat parameter...
CVE-2008-3194
Pluck CMS 4.5.1 contains directory traversal vulnerabilities in data/inc/themes/predefined_variables.php that allow remote attackers to include and execute local files via a .. in the langpref, file, blogpost, or cat parameters. This is triggered by the affected file path handling and is related ...