CVE

Id
29159  
CVE No.
CVE-2007-5802  
Status
Candidate  
Description
Directory traversal vulnerability in index.php in Firewolf Technologies Synergiser 1.2 RC1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: this can be leveraged to obtain the path by including a local PHP script with a duplicate function declaration.  
Phase
Assigned (20071102)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
305898 29159 CVE-2007-5802 BUGTRAQ:20071101 Synergiser <= 1.2 RC1 Local File Inclusion & Full path disclosure  View
305899 29159 CVE-2007-5802 URL:http://www.securityfocus.com/archive/1/archive/1/483099/100/0/threaded  View
305900 29159 CVE-2007-5802 MISC:http://www.inj3ct-it.org/exploit/syner.txt  View
305901 29159 CVE-2007-5802 BID:26289  View
305902 29159 CVE-2007-5802 URL:http://www.securityfocus.com/bid/26289  View
305903 29159 CVE-2007-5802 VUPEN:ADV-2007-3745  View
305904 29159 CVE-2007-5802 URL:http://www.vupen.com/english/advisories/2007/3745  View
305905 29159 CVE-2007-5802 OSVDB:38371  View
305906 29159 CVE-2007-5802 URL:http://osvdb.org/38371  View
305907 29159 CVE-2007-5802 SECUNIA:27466  View
305908 29159 CVE-2007-5802 URL:http://secunia.com/advisories/27466  View
305909 29159 CVE-2007-5802 SREASON:3335  View
305910 29159 CVE-2007-5802 URL:http://securityreason.com/securityalert/3335  View
305911 29159 CVE-2007-5802 XF:synergiser-index-file-include(38217)  View
305912 29159 CVE-2007-5802 URL:http://xforce.iss.net/xforce/xfdb/38217  View
305913 29159 CVE-2007-5802 XF:synergiser-index-path-disclosure(38218)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
52229 JVNDB-2007-000919 IBM AIX の swcons コマンドにおける任意を操作される脆弱性 IBM AIX の cfgcon には swcons コマンドの -p オプションにおいて、引数の取り扱いに不備があり、システムグループの権限で任意のファイルを上書きされたり、作成されたりする脆弱性が存在します。 CVE-2007-5804 29159 6.9 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000919.html  View