MidnightBSD

Advisories for ninjadesigns

CVE-2009-0325 MEDIUM

Directory traversal vulnerability in entries/index.php in Ninja Blog 4.8, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the cat parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
ninjadesigns ninja_blog 4.8