Directory traversal vulnerability in users/files.php in Eurologon CMS allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter in a download action, as demonstrated by a certain PHP file containing database credentials.
References
Configurations
History
No history.
Information
Published : 2007-11-30 00:46
Updated : 2024-02-28 11:01
NVD link : CVE-2007-6185
Mitre link : CVE-2007-6185
CVE.ORG link : CVE-2007-6185
JSON object : View
Products Affected
eurologon
- eurologon_cms
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')