CVE-2010-0403

Directory traversal vulnerability in about.php in phpGroupWare (phpgw) before 0.9.16.016 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the app parameter.

Date published : 2010-05-18

http://www.securityfocus.com/bid/40167

http://www.securityfocus.com/archive/1/511299/100/0/threaded