cpe:/a:zanfi_solutions:zanfi_cms_lite:1.2 CVE-2008-4158 2008-09-22T14:34:15.797-04:00 2017-09-28T21:32:01.727-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-09-22T14:54:00.000-04:00 ALLOWS_OTHER_ACCESS SREASON 4290 EXPLOIT-DB 6413 XF zanficmslite-index-file-include(45027) Multiple directory traversal vulnerabilities in index.php in Zanfi CMS lite 1.2 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) flag and (2) inc parameters.