CVE-2009-2224

Metadata

CVE-2009-2224
4.3
attrition.org, exploit-db.com, securityfocus.com
2009-06-26
2017-09-19 07:07

Description

Directory traversal vulnerability in ang/shared/flags.php in AN Guestbook 0.7.8, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the g_lang parameter.

Related Vulnerabilities