CVE-2006-4369

Absolute path traversal vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via an absolute pathname in the phpbb_root_path parameter.

Date published : 2006-08-25

http://www.securityfocus.com/bid/19689

http://www.securityfocus.com/archive/1/444207/100/0/threaded