Infopop UBB
Infopop UBB.Threads before 6.5.2 Beta allows remote attackers to include arbitrary files via the language parameter in a cookie followed by a null (%00) byte.
Exploitability
AV:N
AC:L
Au:N
Impact
C:N
I:P
A:N
5/AV:N/AC:L/Au:N/C:N/I:P/A:N