Directory traversal vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to chmod arbitrary files to 0777 via ".." sequences in the lang parameter.
References
Configurations
History
21 Nov 2024, 00:38
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/27503 - | |
References | () http://secunia.com/advisories/28008 - | |
References | () http://teamforge.net/viewcvs/viewcvs.cgi/tags/release-3.3.9/doc/history.txt?view=markup - | |
References | () http://www.debian.org/security/2007/dsa-1423 - | |
References | () http://www.gentoo.org/security/en/glsa/glsa-200711-05.xml - | |
References | () http://www.securityfocus.com/bid/26126 - | |
References | () http://www.vupen.com/english/advisories/2007/3768 - | |
References | () https://bugs.gentoo.org/show_bug.cgi?id=195810 - |
Information
Published : 2007-10-17 19:17
Updated : 2024-11-21 00:38
NVD link : CVE-2007-5491
Mitre link : CVE-2007-5491
CVE.ORG link : CVE-2007-5491
JSON object : View
Products Affected
sitebar
- sitebar
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')