CVE-2009-3825
GenCMS 2006 contains multiple directory traversal flaws that allow remote attackers to include and execute arbitrary local files via the dot-dot (..) in the (1) p parameter to show.php and (2) the Template parameter to admin/pages/SiteNew.php. The affected software and parameters are stated in CV...