CVE-2007-6581

2007-12-2821:00:00

mitre

www.cve.org

7.3 High

AI Score

Confidence

Low

0.017 Low

EPSS

Percentile

87.8%

JSON

Multiple directory traversal vulnerabilities in Social Engine 2.0 allow remote attackers to include and execute arbitrary local files via a … (dot dot) in the global_lang parameter to (1) header_album.php, (2) header_blog.php, or (3) header_group.php; or (4) admin_header_album.php, (5) admin_header_blog.php, or (6) admin_header_group.php in admin/.

References

osvdb.org/40370

osvdb.org/40371

osvdb.org/40372

osvdb.org/40373

osvdb.org/40374

osvdb.org/40375

www.inj3ct-it.org/exploit/socialengine2.txt

www.securityfocus.com/bid/26990

www.exploit-db.com/exploits/4767