CVE-2009-2132

Publication date

2009-06-19 17:32:00

Family

mitre

State

PUBLISHED

Description

Directory traversal vulnerability in global.php in 4images before 1.7.7, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the l parameter.