cpe:/a:alexander_palmo:simple_php_blog:0.3.7c cpe:/a:alexander_palmo:simple_php_blog:0.4.0 cpe:/a:alexander_palmo:simple_php_blog:0.4.5 cpe:/a:alexander_palmo:simple_php_blog:0.4.6 cpe:/a:alexander_palmo:simple_php_blog:0.4.7 cpe:/a:alexander_palmo:simple_php_blog:0.4.7.1 cpe:/a:alexander_palmo:simple_php_blog:0.5.0.1 cpe:/a:alexander_palmo:simple_php_blog:0.5.1 CVE-2009-4421 2009-12-24T12:30:00.297-05:00 2017-08-16T21:31:34.850-04:00 6.5 NETWORK LOW SINGLE_INSTANCE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-12-25T14:18:00.000-05:00 BUGTRAQ 20091218 [ISecAuditors Security Advisories] Simple PHP Blog <= 0.5.1 Local File Include vulnerability BID 37434 XF spb-bloblanguage1-file-include(54970) Directory traversal vulnerability in languages_cgi.php in Simple PHP Blog 0.5.1 and earlier allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the blog_language1 parameter.