CVE-2008-2978

Name of the Vulnerable Software and Affected Versions Ourvideo CMS version 9.5

Description The issue allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the prefix parameter when register globals is enabled.

Recommendations For Ourvideo CMS version 9.5, consider disabling the register globals setting to prevent exploitation. Additionally, restrict access to the phpi/rss.php file until a patch is available. Avoid using the prefix parameter in the affected file until the issue is resolved.