cpe:/a:ninjadesigns:ninja_blog:4.8 CVE-2009-0325 2009-01-29T13:30:02.420-05:00 2017-09-28T21:33:44.827-04:00 4.3 NETWORK MEDIUM NONE PARTIAL NONE NONE http://nvd.nist.gov 2009-01-29T14:24:00.000-05:00 BID 33351 SECUNIA 33573 EXPLOIT-DB 7831 MISC http://www.push55.co.uk/index.php?s=ad&id=6 MISC https://www.push55.co.uk/poclibrary/ninjadesignscouk-1.txt Directory traversal vulnerability in entries/index.php in Ninja Blog 4.8, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the cat parameter.