cpe:/a:lokicms:lokicms:0.1.0 cpe:/a:lokicms:lokicms:0.1.0rc1 cpe:/a:lokicms:lokicms:0.2.0 cpe:/a:lokicms:lokicms:0.3.0 cpe:/a:lokicms:lokicms:0.3.1b1 cpe:/a:lokicms:lokicms:0.3.1b2 cpe:/a:lokicms:lokicms:0.3.2b1 cpe:/a:lokicms:lokicms:0.3.3 cpe:/a:lokicms:lokicms:0.3.4 CVE-2008-5965 2009-01-26T15:30:00.203-05:00 2017-09-28T21:32:54.463-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2009-01-26T16:08:00.000-05:00 SECUNIA 30472 BID 31730 EXPLOIT-DB 6737 VUPEN ADV-2008-2798 XF lokicms-index-directory-traversal(45822) Directory traversal vulnerability in index.php in LokiCMS 0.3.4 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to check for the existence of arbitrary files via a .. (dot dot) in the page parameter.