Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4820

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-4820
Last Modified 05 Feb 2009 01:30:26
Published 11 Sep 2007 03:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-4820

Summary

Absolute path traversal vulnerability in blanko.preview.php in Sisfo Kampus 2006 allows remote attackers to read arbitrary local files, and possibly execute local PHP scripts, via the nmf parameter.

Vulnerable Systems

Application

  • Sisfo Kampus 2006


References

BID - 25605

MILW0RM - 4380

OSVDB - 39017

XF - sisfokampus-nmf-file-include(36533)


Last Updated: 27 May 2016 10:45:58