Directory traversal vulnerability in the showSource function in showSource.php in World of Phaos 4.0.1 allows remote attackers to read arbitrary files via directory traversal sequences in the file parameter.

More... (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1755)