CVE-2008-4740

Directory traversal vulnerability in templater.php in the ZZ_Templater module in TinyCMS 1.1.2, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the config[template] parameter.
Configurations

Configuration 1

cpe:2.3:a:tinycms:tinycms:1.1.2:*:*:*:*:*:*:*

Information

Published : 2008-10-27 05:21

Updated : 2017-09-29 01:32


NVD link : CVE-2008-4740

Mitre link : CVE-2008-4740

Products Affected
No products.
CWE