cpe:/a:freewebshop:freewebshop:2.2.9:r2 CVE-2009-2338 2009-07-07T15:00:00.360-04:00 2017-09-18T21:29:03.657-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-07-08T07:42:00.000-04:00 BID 34538 SECUNIA 34707 EXPLOIT-DB 8446 Directory traversal vulnerability in includes/startmodules.inc.php in FreeWebshop.org 2.2.9 R2, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang_file parameter.