Directory traversal vulnerability in mod.php in eNdonesia 8.4 allows remote malicious users to read arbitrary files via a .. (dot dot) in the mod parameter.
endonesia endonesia 8.4