Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4457

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2007-4457
Last Modified 15 Nov 2008 01:57:04
Published 21 Aug 2007 05:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-4457

Summary

Directory traversal vulnerability in forumreply.php in Dalai Forum 1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the chemin parameter.

Vulnerable Systems

Application

  • Florian Mahieu Dalai Forum 1.1


References

XF - dalaiforum-forumreply-file-include(36140)

BID - 25361

BUGTRAQ - 20070819 Dalai Forum Remote File Inclusion Exploit

OSVDB - 37831


Last Updated: 27 May 2016 10:45:52