CVE-2010-0799

Directory traversal vulnerability in misc/tell_a_friend/tell.php in phpunity.newsmanager allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter.

Date published : 2010-03-02

http://www.exploit-db.com/exploits/11290

http://packetstormsecurity.org/1001-exploits/phpunity-lfi.txt