CVE

Id
28426  
CVE No.
CVE-2007-5069  
Status
Candidate  
Description
Directory traversal vulnerability in data/compatible.php in the Nuke Mobile Entertainment 1 addon for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module_name parameter.  
Phase
Assigned (20070924)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
295391 28426 CVE-2007-5069 BUGTRAQ:20070923 Nuke Mobile Entartainment Local File Inclusion  View
295392 28426 CVE-2007-5069 URL:http://www.securityfocus.com/archive/1/archive/1/480441/100/0/threaded  View
295393 28426 CVE-2007-5069 MILW0RM:4447  View
295394 28426 CVE-2007-5069 URL:http://www.milw0rm.com/exploits/4447  View
295395 28426 CVE-2007-5069 BID:25784  View
295396 28426 CVE-2007-5069 URL:http://www.securityfocus.com/bid/25784  View
295397 28426 CVE-2007-5069 VUPEN:ADV-2007-3252  View
295398 28426 CVE-2007-5069 URL:http://www.vupen.com/english/advisories/2007/3252  View
295399 28426 CVE-2007-5069 SECUNIA:26923  View
295400 28426 CVE-2007-5069 URL:http://secunia.com/advisories/26923  View
295401 28426 CVE-2007-5069 XF:nukemobileentertain-compatible-file-include(36745)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
53990 JVNDB-2007-002682 Simple PHP Blog の upload_img_cgi.php における任意のコードを実行される脆弱性 Simple PHP Blog の upload_img_cgi.php は、不完全なブラックリストが発生するため、危険なファイルをアップロードされ、任意のコードを実行される脆弱性が存在します。 CVE-2007-5071 28426 7.5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-002682.html  View