CVE-2008-5949
ccTiddly is vulnerable to multiple remote file inclusion (RFI) flaws in versions 1.7.4 and 1.7.6 due to insufficient sanitization of user-supplied data in the cct_base parameter used by index.php, handle/proxy.php, header.php, include.php, workspace.php, and plugins/RSS/files/rss.php. Exploitatio...