CVE-2009-1488

Name of the Vulnerable Software and Affected Versions: FunGamez version RC1

Description: A directory traversal issue exists, allowing remote attackers to include and execute arbitrary local files. This is achieved by providing a .. (dot dot) in the module parameter to "index.php".

Recommendations: For FunGamez version RC1, consider restricting access to the admin/load.php file until a patch is available. As a temporary workaround, avoid using the module parameter in the "index.php" endpoint to minimize the risk of exploitation.