Absolute path traversal vulnerability in blanko.preview.php in Sisfo Kampus 2006 allows remote attackers to read arbitrary local files, and possibly execute local PHP scripts, via the nmf parameter.
References
Configurations
History
21 Nov 2024, 00:36
Type | Values Removed | Values Added |
---|---|---|
References | () http://osvdb.org/39017 - | |
References | () http://www.securityfocus.com/bid/25605 - Exploit | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/36533 - | |
References | () https://www.exploit-db.com/exploits/4380 - |
Information
Published : 2007-09-11 19:17
Updated : 2024-11-21 00:36
NVD link : CVE-2007-4820
Mitre link : CVE-2007-4820
CVE.ORG link : CVE-2007-4820
JSON object : View
Products Affected
sisfo_kampus
- sisfo_kampus
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')