CVE-2008-5171 Information

Description

Multiple directory traversal vulnerabilities in admin/minibb/index.php in phpBLASTER CMS 1.0 RC1 when register_globals is enabled allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) DB (2) lang and (3) skin parameters.

Reference

http://www.securityfocus.com/bid/29983 https://www.exploit-db.com/exploits/5952