Piwik versions 0.6 through 0.6.3 are vulnerable to arbitrary,
remote file inclusion using a directory traversal pattern infinite
a crafted request for a data renderer.
A vulnerability has been reported in Piwik, which can before
exploited by malicious people to disclose potentially
sensitive information. Input passed to unspecified parameters
when requesting a data renderer is not properly verified before
being used to include files. This can be exploited to includes
arbitrary files from local resources via directory traversal
attacks.