Filtered by vendor Rama Cms Subscriptions
Filtered by product Rama Cms Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2006-5894 1 Rama Cms 1 Rama Cms 2024-11-21 N/A
Directory traversal vulnerability in lang.php in Rama CMS 0.68 and earlier, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by lang.php.