Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5811

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2007-5811
Last Modified 15 Nov 2008 02:02:19
Published 05 Nov 2007 12:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5811

Summary

** DISPUTED ** Directory traversal vulnerability in PageTraiteDownload.php in phpMyConferences 8.0.2 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter. NOTE: this issue is disputed for 8.0.2 by a reliable third party, who notes that the PHP code is syntactically incorrect and cannot be executed.

Vulnerable Systems

Application

  • Phpmyconferences 8.0.2


References

MILW0RM - 4590

VIM - 20071031 phpMyConferences <= 8.0.2 Remote File Disclosure Vulnerability

OSVDB - 39018

XF - phpmyconferences-dir-directory-traversal(38183)

BID - 26278


Last Updated: 27 May 2016 10:46:17