2005-06-28 04:00:00
mitre
PUBLISHED
phptonuke.php in myPHPNuke 1.8.8 allows remote attackers to read arbitrary files via a full pathname in the filnavn variable.