CVE-2008-6726

Multiple directory traversal vulnerabilities in CMScout 2.06, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the bit parameter to (1) admin.php and (2) index.php, different vectors than CVE-2008-3415.

Date published : 2009-04-17

http://www.securityfocus.com/bid/33068

http://www.cmscout.co.za/index.php?page=news&id=30