CVE-2008-6591 Information

Description

LightNEasy \no database\ (aka flat) version 1.2.2 and possibly SQLite version 1.2.2 allows remote attackers to create arbitrary files via the page parameter to (1) index.php and (2) LightNEasy.php.

Reference

http://osvdb.org/44678 http://osvdb.org/44679 http://secunia.com/advisories/29833 http://www.securityfocus.com/archive/1/491064/100/0/threaded http://www.securityfocus.com/bid/28839