cpe:/a:letterit:letterit:2 CVE-2008-3446 2008-08-04T13:41:00.000-04:00 2017-09-28T21:31:41.397-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-08-04T14:00:00.000-04:00 ALLOWS_OTHER_ACCESS BID 30482 SECUNIA 31298 SREASON 4101 EXPLOIT-DB 6179 XF letterit-wysiwyg-file-include(44129) Directory traversal vulnerability in inc/wysiwyg.php in LetterIt 2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter.