CVE-2007-1896

2007-04-09T16:19:00
ID CVE-2007-1896
Type cve
Reporter NVD
Modified 2017-10-10T21:32:01

Description

Directory traversal vulnerability in chat.php in Sky GUNNING MySpeach 3.0.7 and earlier allows remote attackers to include arbitrary local files via a .. (dot dot) and trailing %00 (NULL) in a my_ms[root] cookie.