CVE-2007-1932

2007-04-10T23:19:00
ID CVE-2007-1932
Type cve
Reporter cve@mitre.org
Modified 2017-10-11T01:32:00

Description

Directory traversal vulnerability in scarnews.inc.php in ScarNews 1.2.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the sn_admin_dir parameter.