|
CVE Reference: CVE-2007-5920
|
|
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.
|
|
Original Page at CVE MITRE:
CVE-2007-5920
|
|
Description:
index.php in Domenico Mancini PicoFlat CMS before 0.4.18 allows remote attackers to include certain files via unspecified vectors, possibly due to a directory traversal vulnerability. NOTE: this can be leveraged to bypass authentication and upload files by including pico_insert.php or unspecified other administrative scripts. NOTE: some of these details are obtained from third party information.
|
|
CVE Status:
Candidate
|
|
References:
XF
http://xforce.iss.net/xforce/xfdb/38310
SAID
Secunia Advisory: SA27504
OSVDB
42106
MISC
http://picoflat.altervista.org/
BID
26362
|
|
|
Return to the previous page.
|
