CVE-2009-0423
CVE-2009-0423 describes a directory traversal vulnerability in the PHPPA (Php Photo Album) 0.8 BETA release. An attacker can exploit improper handling in index.php to cause local file inclusion via a .. (dot dot) in the preview parameter, enabling arbitrary local file access or execution. Impact ...