News Manager Deluxe CVE-2007-2303 File-Upload Vulnerability

News Manager Deluxe CVE-2007-2303 File-Upload Vulnerability

News Manager Deluxe is prone to a file-upload vulnerability. Directory traversal vulnerability in includes/footer.php in News Manager Deluxe (NMDeluxe) 1.0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the template parameter.