Mandriva Linux Security Advisory 2010-023 - Directory traversal vulnerability in cmd.php in phpLDAPadmin 1.1.0.5 allows remote attackers to include and execute arbitrary local files via a. (dot dot) in the cmd parameter. The updated packages have been patched to correct this issue.
919ce3ebc0904ce71b5a38ada44d1181671fce8f9905af11dbe72293fda69980