Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5069

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-5069
Last Modified 07 Mar 2011 10:00:02
Published 24 Sep 2007 07:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5069

Summary

Directory traversal vulnerability in data/compatible.php in the Nuke Mobile Entertainment 1 addon for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module_name parameter.

Vulnerable Systems

Application

  • Massimo Chioni Mobile Entertainment Module 1


References

XF - nukemobileentertain-compatible-file-include(36745)

VUPEN - ADV-2007-3252

BID - 25784

BUGTRAQ - 20070923 Nuke Mobile Entartainment Local File Inclusion

MILW0RM - 4447

SECUNIA - 26923


Last Updated: 27 May 2016 10:46:04