CVE-2008-2699 Information

Description

Multiple directory traversal vulnerabilities in Galatolo WebManager (GWM) 1.0 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in (1) the plugin parameter to admin/plugins.php or (2) the com parameter to index.php.

Reference

http://www.securityfocus.com/bid/29595 https://exchange.xforce.ibmcloud.com/vulnerabilities/42923 https://www.exploit-db.com/exploits/5758