2 matches found
CVE-2007-0609
CVE-2007-0609 affects Advanced Guestbook 2.4.2, where a directory-traversal flaw allows an unauthenticated remote attacker to bypass .htaccess and cause local PHP code execution or template reads by submitting a crafted lang cookie value (dot-dot) and a filename without a .php extension in index....
[Full-disclosure] Advanced Guestbook version 2.4.2 Directory Traversal Vulnerability
netVigilance Security Advisory 13 Advanced Guestbook version 2.4.2 Directory Traversal Vulnerability Description: Advanced Guestbook is a PHP-based guestbook script. It includes many useful features such as preview, templates, e-mail notification, picture upload, page spanning , html tags handlin...