CVE-2008-4773

Name of the Vulnerable Software and Affected Versions QuestCMS (affected versions not specified)

Description A directory traversal issue exists, allowing remote attackers to read arbitrary local files by utilizing a .. (dot dot) in the theme parameter of the main/main.php file.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.