CVE-2008-5265

Name of the Vulnerable Software and Affected Versions TNT Forum version 0.9.4

Description A directory traversal issue exists in index.php, allowing remote attackers to include and execute arbitrary local files when magic quotes gpc is disabled. This is achieved through directory traversal sequences in the modulo parameter.

Recommendations For TNT Forum version 0.9.4, consider disabling the execution of arbitrary local files or restricting access to the modulo parameter in the index.php file until a patch is available. Additionally, enabling magic quotes gpc can help mitigate this issue.