CVE-2007-4820

Absolute path traversal vulnerability in blanko.preview.php in Sisfo Kampus 2006 allows remote attackers to read arbitrary local files, and possibly execute local PHP scripts, via the nmf parameter.
Configurations

Configuration 1 (hide)

cpe:2.3:a:sisfo_kampus:sisfo_kampus:2006:*:*:*:*:*:*:*

History

21 Nov 2024, 00:36

Type Values Removed Values Added
References () http://osvdb.org/39017 - () http://osvdb.org/39017 -
References () http://www.securityfocus.com/bid/25605 - Exploit () http://www.securityfocus.com/bid/25605 - Exploit
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/36533 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/36533 -
References () https://www.exploit-db.com/exploits/4380 - () https://www.exploit-db.com/exploits/4380 -

Information

Published : 2007-09-11 19:17

Updated : 2024-11-21 00:36


NVD link : CVE-2007-4820

Mitre link : CVE-2007-4820

CVE.ORG link : CVE-2007-4820


JSON object : View

Products Affected

sisfo_kampus

  • sisfo_kampus
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')