cpe:/a:launchpad:ignition:1.2 CVE-2009-4426 2009-12-28T14:00:00.657-05:00 2017-08-16T21:31:35.070-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-12-29T07:43:00.000-05:00 EXPLOIT-DB 10569 SECUNIA 37836 OSVDB 61225 OSVDB 61226 MISC http://packetstormsecurity.org/0912-exploits/ignition-lfi.txt XF ignition-blog-file-include(54940) Multiple directory traversal vulnerabilities in Ignition 1.2, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the blog parameter to (1) comment.php and (2) view.php.