cpe:/a:tinycms:tinycms:1.1.2 CVE-2008-4740 2008-10-27T13:21:27.240-04:00 2017-09-28T21:32:19.713-04:00 5.1 NETWORK HIGH NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-10-27T13:56:00.000-04:00 ALLOWS_OTHER_ACCESS BID 30785 SECUNIA 31569 SREASON 4506 EXPLOIT-DB 6287 CONFIRM http://1scripts.net/php-scripts/index.php?p=6 XF tinycms-templater-file-include(44596) Directory traversal vulnerability in templater.php in the ZZ_Templater module in TinyCMS 1.1.2, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the config[template] parameter.