Directory traversal vulnerability in PageTraiteDownload.php in phpMyConferences 8.0.2 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter. NOTE: this issue is disputed for 8.0.2 by a reliable third party, who notes that the PHP code is syntactically incorrect and cannot be executed
References
Configurations
History
07 Nov 2023, 02:01
Type | Values Removed | Values Added |
---|---|---|
Summary | Directory traversal vulnerability in PageTraiteDownload.php in phpMyConferences 8.0.2 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter. NOTE: this issue is disputed for 8.0.2 by a reliable third party, who notes that the PHP code is syntactically incorrect and cannot be executed |
Information
Published : 2007-11-05 17:46
Updated : 2024-08-07 16:15
NVD link : CVE-2007-5811
Mitre link : CVE-2007-5811
CVE.ORG link : CVE-2007-5811
JSON object : View
Products Affected
phpmyconferences
- phpmyconferences
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')