CVE

Id
29178  
CVE No.
CVE-2007-5821  
Status
Candidate  
Description
Multiple directory traversal vulnerabilities in DM Guestbook 0.4.1 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the lng parameter to (a) guestbook.php, (b) admin/admin.guestbook.php, or (c) auto/glob_new.php; or (2) the lngdefault parameter to auto/ch_lng.php.  
Phase
Assigned (20071105)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
306076 29178 CVE-2007-5821 MILW0RM:4597  View
306077 29178 CVE-2007-5821 URL:http://www.milw0rm.com/exploits/4597  View
306078 29178 CVE-2007-5821 BID:26300  View
306079 29178 CVE-2007-5821 URL:http://www.securityfocus.com/bid/26300  View
306080 29178 CVE-2007-5821 VUPEN:ADV-2007-3747  View
306081 29178 CVE-2007-5821 URL:http://www.vupen.com/english/advisories/2007/3747  View
306082 29178 CVE-2007-5821 OSVDB:39064  View
306083 29178 CVE-2007-5821 URL:http://osvdb.org/39064  View
306084 29178 CVE-2007-5821 OSVDB:39065  View
306085 29178 CVE-2007-5821 URL:http://osvdb.org/39065  View
306086 29178 CVE-2007-5821 OSVDB:39066  View
306087 29178 CVE-2007-5821 URL:http://osvdb.org/39066  View
306088 29178 CVE-2007-5821 OSVDB:39067  View
306089 29178 CVE-2007-5821 URL:http://osvdb.org/39067  View
306090 29178 CVE-2007-5821 XF:dmguestbook-lngdefault-file-include(38219)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
57605 JVNDB-2007-006297 Ben Ng Scribe の forum.php におけるディレクトリトラバーサルの脆弱性 Ben Ng Scribe の forum.php には、ディレクトリトラバーサルの脆弱性が存在します。 CVE-2007-5823 29178 7.5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-006297.html  View