CVE-2009-0596 Information

Description

Directory traversal vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4 when register_globals is enabled allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the TplSuffix parameter.

Reference

http://secunia.com/advisories/33382 http://www.securityfocus.com/bid/33092 https://www.exploit-db.com/exploits/7648