CVE-2009-2444

Metadata

CVE-2009-2444
7.5
r00tsecurity.org, sourceforge.net, sourceforge.net, securityfocus.com, vupen.com, exchange.xforce.ibmcloud.com
2009-07-13
2017-08-17 06:09

Description

Directory traversal vulnerability in maillinglist/setup/step1.php.inc in ADbNewsSender before 1.5.6, and 2.0 before RC2, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path_to_lang parameter to setup/index.php.

Related Vulnerabilities