Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5732

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2007-5732
Last Modified 15 Nov 2008 02:02:00
Published 30 Oct 2007 07:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5732

Summary

Directory traversal vulnerability in downloadfile.php in eLouai's Force Download of media files script, as available on 20071030 and earlier, allows remote attackers to read arbitrary files via the file parameter. NOTE: this issue only occurs in environments where the system administrator has not followed the vendor recommendations that this product should only be used internally.

Vulnerable Systems

Application

  • Elouai Force Download


References

BUGTRAQ - 20071023 [Vulz] eLouai's Download Script Remote File Download Vulnerability

OSVDB - 39011

MISC - http://elouai.com/force-download.php

SREASON - 3321


Last Updated: 27 May 2016 10:46:15