Lucene search

[email protected]NVD:CVE-2007-1076

HistoryFeb 22, 2007 - 11:28 p.m.

CVE-2007-1076

2007-02-2223:28:00

CWE-22

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

Low

EPSS

0.064

Percentile

93.7%

JSON

Multiple directory traversal vulnerabilities in phpTrafficA 1.4.1, and possibly earlier, allow remote attackers to include arbitrary local files via a … (dot dot) in the (1) file parameter to plotStat.php and the (2) lang parameter to banref.php.

Affected configurations

Nvd

Node

phptrafficaphptrafficaMatch1.4.1

VendorProductVersionCPE
phptrafficaphptraffica1.4.1cpe:2.3:a:phptraffica:phptraffica:1.4.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
phptraffica	phptraffica	1.4.1	cpe:2.3:a:phptraffica:phptraffica:1.4.1:::::::*

References

attrition.org/pipermail/vim/2007-February/001377.html

osvdb.org/33373

osvdb.org/33374

secunia.com/advisories/24242

soft.zoneo.net/phpTrafficA/news.php

www.bugtraq.ir/articles/file-inclusion/phpTrafficA-1.4.1-Local-File-Inclusion/1

www.securityfocus.com/bid/22655

www.vupen.com/english/advisories/2007/0709

exchange.xforce.ibmcloud.com/vulnerabilities/32628

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

Low

EPSS

0.064

Percentile

93.7%

JSON

Related for NVD:CVE-2007-1076

cvelist3 prion3 cve3 exploitdb2 nvd2 securityvulns1