Directory traversal vulnerability in turbulence.php in PHP Turbulence 0.0.1 alpha allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the GLOBALS[tcore] parameter. NOTE: this vulnerability is disputed by CVE and a reliable third party because a direct request to user/turbulence.php triggers a fatal error before inclusion
References
Configurations
History
07 Nov 2023, 02:00
Type | Values Removed | Values Added |
---|---|---|
Summary | Directory traversal vulnerability in turbulence.php in PHP Turbulence 0.0.1 alpha allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the GLOBALS[tcore] parameter. NOTE: this vulnerability is disputed by CVE and a reliable third party because a direct request to user/turbulence.php triggers a fatal error before inclusion |
Information
Published : 2007-05-04 01:19
Updated : 2024-08-07 14:15
NVD link : CVE-2007-2503
Mitre link : CVE-2007-2503
CVE.ORG link : CVE-2007-2503
JSON object : View
Products Affected
php_turbulence
- php_turbulence
CWE