Directory traversal vulnerability in chatconfig.php in MM Chat 1.5, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the currentlang parameter.Referenceshttps://www.exploit-db.com/exploits/5919http://www.securityfocus.com/bid/29910https://exchange.xforce.ibmcloud.com/vulnerabilities/43327
