CVE-2008-6591

LightNEasy "no database" (aka flat) version 1.2.2, and possibly SQLite version 1.2.2, allows remote attackers to create arbitrary files via the page parameter to (1) index.php and (2) LightNEasy.php.

Date published : 2009-04-03

http://www.securityfocus.com/bid/28839

http://www.securityfocus.com/archive/1/491064/100/0/threaded