CVE

Id
26862  
CVE No.
CVE-2007-3505  
Status
Candidate  
Description
Multiple directory traversal vulnerabilities in QuickTalk forum 1.3 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) sequence in the lang parameter to (1) qtf_checkname.php, (2) qtf_j_birth.php, or (3) qtf_j_exists.php.  
Phase
Assigned (20070702)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
274081 26862 CVE-2007-3505 MILW0RM:4115  View
274082 26862 CVE-2007-3505 URL:http://milw0rm.com/exploits/4115  View
274083 26862 CVE-2007-3505 BID:24671  View
274084 26862 CVE-2007-3505 URL:http://www.securityfocus.com/bid/24671  View
274085 26862 CVE-2007-3505 VUPEN:ADV-2007-2373  View
274086 26862 CVE-2007-3505 URL:http://www.vupen.com/english/advisories/2007/2373  View
274087 26862 CVE-2007-3505 OSVDB:36485  View
274088 26862 CVE-2007-3505 URL:http://osvdb.org/36485  View
274089 26862 CVE-2007-3505 OSVDB:36486  View
274090 26862 CVE-2007-3505 URL:http://osvdb.org/36486  View
274091 26862 CVE-2007-3505 OSVDB:36487  View
274092 26862 CVE-2007-3505 URL:http://osvdb.org/36487  View
274093 26862 CVE-2007-3505 SECUNIA:25868  View
274094 26862 CVE-2007-3505 URL:http://secunia.com/advisories/25868  View
274095 26862 CVE-2007-3505 XF:quicktalkforum-lang-file-include(35117)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
53572 JVNDB-2007-002264 flac123 の vorbiscomment.c におけるスタックベースのバッファオーバーフローの脆弱性 flac123 の vorbiscomment.c の the local__vcentry_parse_value 関数には、スタックベースのバッファオーバーフローの脆弱性が存在します。 CVE-2007-3507 26862 9.3 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-002264.html  View