|
|
CVE Reference: CVE-2007-3251 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-3251 |
|
|
Description: Multiple directory traversal vulnerabilities in e-Vision CMS 2.02 and earlier allow remote attackers to (1) include and execute arbitrary local files via a .. (dot dot) in the adminlang cookie to admin/functions.php or (2) read arbitrary local files via the img parameter to admin/show_img.php. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/34792 http://xforce.iss.net/xforce/xfdb/34794 SAID Secunia Advisory: SA25605 OSVDB 38466 38467 MILW0RM http://milw0rm.com/exploits/4054 BID 24398 |
|
| Return to the previous page. |
