CVE-2009-0722

Directory traversal vulnerability in admin.php in Potato News 1.0.0 allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the user cookie parameter.

Date published : 2009-02-24

http://www.securityfocus.com/bid/33729

https://www.exploit-db.com/exploits/8032