{"id": "OSVDB:34776", "bulletinFamily": "software", "title": "eCardMAX HotEditor richedit/keyboard.php first Variable Traversal Local File Inclusion", "description": "# No description provided by the source\n\n## References:\n[Secunia Advisory ID:24825](https://secuniaresearch.flexerasoftware.com/advisories/24825/)\nOther Advisory URL: http://www.expw0rm.com/hot-editor-v40-local-file-inclusion_no113.html\nOther Advisory URL: http://www.expw0rm.com/mybb-hot-editor-plugin-local-file-inclusion_no114.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-04/0148.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-04/0145.html\nISS X-Force ID: 33521\nFrSIRT Advisory: ADV-2007-1315\n[CVE-2007-1906](https://vulners.com/cve/CVE-2007-1906)\nBugtraq ID: 23377\n", "published": "2007-04-09T11:18:45", "modified": "2007-04-09T11:18:45", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/osvdb/OSVDB:34776", "reporter": "OSVDB", "references": [], "cvelist": ["CVE-2007-1906"], "type": "osvdb", "lastseen": "2017-04-28T13:20:31", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "516ea43cee76c586743f9f5d9b6b3cd1"}, {"key": "cvss", "hash": "737e2591b537c46d1ca7ce6f0cea5cb9"}, {"key": "description", "hash": "66318c905d4b4854c71f0043e9961d6b"}, {"key": "href", "hash": "f013c996af47602ef7e8e8ce8e3864fc"}, {"key": "modified", "hash": "1da92b3d38eb56a70dc163a85209948e"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "1da92b3d38eb56a70dc163a85209948e"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "955b328dc7cd615c13af5464c9183464"}, {"key": "title", "hash": "a0459eeac9742d18dbef03d7533f1e9f"}, {"key": "type", "hash": "1327ac71f7914948578f08c54f772b10"}], "hash": "7049e504028c8717d780004860f434e7815b306bbad1c622338c72cadcb531a9", "viewCount": 0, "objectVersion": "1.2", "affectedSoftware": [], "enchantments": {"vulnersScore": 2.1}}

{"result": {"cve": [{"id": "CVE-2007-1906", "type": "cve", "title": "CVE-2007-1906", "description": "Directory traversal vulnerability in richedit/keyboard.php in eCardMAX HotEditor (Hot Editor) 4.0, and the HotEditor plugin for MyBB, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the first parameter.", "published": "2007-04-10T19:19:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-1906", "cvelist": ["CVE-2007-1906"], "lastseen": "2017-07-29T11:21:57"}], "exploitdb": [{"id": "EDB-ID:29827", "type": "exploitdb", "title": "eCardMAX HotEditor 4.0 Keyboard.PHP Local File Include Vulnerability", "description": "eCardMAX HotEditor 4.0 Keyboard.PHP Local File Include Vulnerability. CVE-2007-1906 . Webapps exploit for php platform", "published": "2007-04-09T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.exploit-db.com/exploits/29827/", "cvelist": ["CVE-2007-1906"], "lastseen": "2016-02-03T11:13:05"}]}}