Lucene search

[email protected]CVE-2007-1076

HistoryFeb 22, 2007 - 11:28 p.m.

CVE-2007-1076

2007-02-2223:28:00

CWE-22

[email protected]

web.nvd.nist.gov

cve

directory traversal

phptraffica

vulnerability

remote attack

nvd

7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.062 Low

EPSS

Percentile

93.5%

JSON

Multiple directory traversal vulnerabilities in phpTrafficA 1.4.1, and possibly earlier, allow remote attackers to include arbitrary local files via a … (dot dot) in the (1) file parameter to plotStat.php and the (2) lang parameter to banref.php.

CPENameOperatorVersion
phptraffica:phptrafficaphptrafficaeq1.4.1

CPE	Name	Operator	Version
phptraffica:phptraffica	phptraffica	eq	1.4.1

References

attrition.org/pipermail/vim/2007-February/001377.html

osvdb.org/33373

osvdb.org/33374

secunia.com/advisories/24242

soft.zoneo.net/phpTrafficA/news.php

www.bugtraq.ir/articles/file-inclusion/phpTrafficA-1.4.1-Local-File-Inclusion/1

www.securityfocus.com/bid/22655

www.vupen.com/english/advisories/2007/0709

exchange.xforce.ibmcloud.com/vulnerabilities/32628

7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.062 Low

EPSS

Percentile

93.5%

JSON

Related for CVE-2007-1076

prion3 cve2 securityvulns1