CVE-2008-2227 – Forum Rank System 6 - 'settings['locale']' Multiple Local File Inclusions

https://notcve.org/view.php?id=CVE-2008-2227

14 May 2008 — Multiple directory traversal vulnerabilities in PHP-Fusion Forum Rank System 6 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the settings[locale] parameter to (1) forum.php and (2) profile.php in infusions/rank_system/. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Múltiples vulnerabilidades de Salto de Directorio en PHP-Fusion Forum Rank System 6 permiten a atacantes remotos incluir y ejecutar a... • https://www.exploit-db.com/exploits/31752 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •