2 matches found
CVE-2007-0820
CVE-2007-0820: Multiple PHP remote file inclusion vulnerabilities in Cedric CLAIRE PortailPhp 2 permit remote code execution via a URL in the chemin parameter to mod_news/index.php, mod_news/goodies.php, or mod_search/index.php. Root cause: inclusion of remote files enabled through user-controlla...
CVE-2007-0821
CVE-2007-0821 describes multiple directory traversal vulnerabilities in Cedric CLAIRE PortailPhp 2. An attacker can read arbitrary files by injecting a .. sequence into the chemin parameter of two PHP scripts: mod_news/index.php and mod_news/goodies.php. The underlying issue is improper validatio...