Directory traversal vulnerability in common/classes/class_HeaderHandler.lib.php in Rayzz Script 2.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the CFG[site][project_path] parameter.Referenceshttps://www.exploit-db.com/exploits/4685https://exchange.xforce.ibmcloud.com/vulnerabilities/38802http://osvdb.org/39694
