cpe:/a:fuzzylime:fuzzylime_cms:3.01:a CVE-2008-3165 2008-07-14T19:41:00.000-04:00 2017-09-28T21:31:33.630-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-07-15T12:00:00.000-04:00 BID 30103 SECUNIA 30930 SREASON 3995 EXPLOIT-DB 6009 XF fuzzylimecms-content-command-execution(43606) XF fuzzylimecms-rss-file-include(43605) Directory traversal vulnerability in rss.php in fuzzylime (cms) 3.01a and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter, as demonstrated using content.php, a different vector than CVE-2007-4805.