CVE-2007-1933 Information

Description

Multiple directory traversal vulnerabilities in PcP-Guestbook (PcP-Book) 3.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter to (1) index.php (2) gb.php or (3) faq.php.

Reference

http://osvdb.org/38459 http://osvdb.org/38460 http://osvdb.org/38461 https://exchange.xforce.ibmcloud.com/vulnerabilities/33491 https://www.exploit-db.com/exploits/3689