CVE-2006-4420 Information

Description

Directory traversal vulnerability in include_lang.php in Phaos 0.9.2 allows remote attackers to include arbitrary local files via ..\ sequences in the lang parameter.

Reference

http://www.securityfocus.com/bid/19710 https://exchange.xforce.ibmcloud.com/vulnerabilities/28565 https://www.exploit-db.com/exploits/2253