Directory traversal vulnerability in mods/Integrated/index.php in SineCMS 2.3.5 and earlier, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via the sine[config][index_main] parameter.Referenceshttp://www.securityfocus.com/bid/27156https://www.exploit-db.com/exploits/4854http://osvdb.org/40084https://exchange.xforce.ibmcloud.com/vulnerabilities/39446http://secunia.com/advisories/28305
