CVE-2007-4028

2007-07-26T19:30:00
ID CVE-2007-4028
Type cve
Reporter cve@mitre.org
Modified 2018-10-15T21:32:00

Description

Absolute path traversal vulnerability in index.php in Webspell 4.01.02 allows remote attackers to include and execute arbitrary local files via a full pathname in the site parameter. NOTE: some of these details are obtained from third party information. Vendor has supplied a patch for this vulnerability: http://cms.webspell.org/index.php?site=files&cat=10