cpe:/a:gravity-gtd:gravity-gtd:0.2:beta cpe:/a:gravity-gtd:gravity-gtd:0.3 cpe:/a:gravity-gtd:gravity-gtd:0.4 cpe:/a:gravity-gtd:gravity-gtd:0.4.5 CVE-2008-5962 2009-01-23T14:00:05.170-05:00 2017-09-28T21:32:54.337-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-01-26T10:41:00.000-05:00 ALLOWS_OTHER_ACCESS BID 32646 SECUNIA 32982 EXPLOIT-DB 7344 XF gravitygtd-rpc-file-include(47090) Directory traversal vulnerability in library/setup/rpc.php in Gravity Getting Things Done (GTD) 0.4.5 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the objectname parameter.