CVE-2009-4231 Information

Description

Directory traversal vulnerability in as/lib/plugins.php in SweetRice 0.5.3 and earlier allows remote attackers to include and execute arbitrary local files via .. (dot dot) in the plugin parameter.

Reference

http://packetstormsecurity.org/0911-exploits/sweetrice-rfilfi.txt