cpe:/a:anantasoft:gazelle_cms:1.0 CVE-2009-3167 2009-09-11T14:30:03.280-04:00 2017-09-18T21:29:29.360-04:00 4.3 NETWORK MEDIUM NONE PARTIAL NONE NONE http://nvd.nist.gov 2009-09-11T14:25:00.000-04:00 BID 33483 SECUNIA 33686 EXPLOIT-DB 7895 EXPLOIT-DB 9425 Directory traversal vulnerability in index.php in Anantasoft Gazelle CMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter.