Multiple directory traversal vulnerabilities in AJA Portal 1.2 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the currentlang parameter to admin/case.php in the (1) Contact_Plus and (2) Reviews modules, and (3) the module_name parameter to admin/includes/FANCYNLOptions.php in the Fancy_NewsLetter module.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2009-02-06T01:00:00
Updated: 2024-08-07T04:31:26.391Z
Reserved: 2009-02-05T00:00:00
Link: CVE-2009-0457
Vulnrichment
No data.
NVD
Status : Modified
Published: 2009-02-10T07:00:23.967
Modified: 2024-11-21T00:59:56.920
Link: CVE-2009-0457
Redhat
No data.