CVE-2007-1932

2007-04-10T19:19:00
ID CVE-2007-1932
Type cve
Reporter NVD
Modified 2017-10-10T21:32:02

Description

Directory traversal vulnerability in scarnews.inc.php in ScarNews 1.2.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the sn_admin_dir parameter.