CVE-2005-4319 Information

Description

Directory traversal vulnerability in index2.php in Limbo CMS 1.0.4.2 and earlier allows remote attackers to include arbitrary PHP files via ..\ sequences in the option parameter.

Reference

http://rgod.altervista.org/limbo1042_xpl.html http://secunia.com/advisories/18063/ http://securityreason.com/securityalert/255 http://securitytracker.com/id?1015364 http://www.osvdb.org/21755 http://www.securityfocus.com/archive/1/419470/100/0/threaded http://www.securityfocus.com/bid/15871/ http://www.vupen.com/english/advisories/2005/2932