Verlihub Control Panel <= 1.7 - Path Traversal via Page Parameter
Directory traversal vulnerability in index.php in Verlihub Control Panel (VHCP) 1.7 and earlier allows remote attackers to include arbitrary files via a .. (dot dot) in the page parameter.