Lucene search
MitreCVE-2007-6233HistoryDec 04, 2007 - 6:46 p.m.
CVE-2007-6233
2007-12-0418:46:00
CWE-22
mitre
web.nvd.nist.gov
29
cve
2007
6233
directory traversal
ftp admin
vulnerability
remote authenticated users
arbitrary local files
unc share pathname
ftp url
ssh2.sftp url
CVSS2
4.9
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:P/A:N
AI Score
6.8
Confidence
High
EPSS
0.001
Percentile
51.0%
Directory traversal vulnerability in index.php in FTP Admin 0.1.0 allows remote authenticated users to include and execute arbitrary local files via a … (dot dot) in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.
Affected configurations
Node
ftp_adminftp_adminMatch0.1.0
Related
prion
prion
Directory traversal
2007-12-04 18:46:00
cvelist
cvelist
CVE-2007-6233
2007-12-04 18:00:00
nvd
nvd
CVE-2007-6233
2007-12-04 18:46:00
exploitdb
exploitdb
CVSS2
4.9
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:P/A:N
AI Score
6.8
Confidence
High
EPSS
0.001
Percentile
51.0%
Related for CVE-2007-6233