Описание
Multiple directory traversal vulnerabilities in phpTrafficA 1.4.1, and possibly earlier, allow remote attackers to include arbitrary local files via a .. (dot dot) in the (1) file parameter to plotStat.php and the (2) lang parameter to banref.php.
Multiple directory traversal vulnerabilities in phpTrafficA 1.4.1, and possibly earlier, allow remote attackers to include arbitrary local files via a .. (dot dot) in the (1) file parameter to plotStat.php and the (2) lang parameter to banref.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-1076
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32628
- http://attrition.org/pipermail/vim/2007-February/001377.html
- http://osvdb.org/33373
- http://osvdb.org/33374
- http://secunia.com/advisories/24242
- http://soft.zoneo.net/phpTrafficA/news.php
- http://www.bugtraq.ir/articles/file-inclusion/phpTrafficA-1.4.1-Local-File-Inclusion/1
- http://www.securityfocus.com/bid/22655
- http://www.vupen.com/english/advisories/2007/0709
Связанные уязвимости
nvd
почти 19 лет назад
Multiple directory traversal vulnerabilities in phpTrafficA 1.4.1, and possibly earlier, allow remote attackers to include arbitrary local files via a .. (dot dot) in the (1) file parameter to plotStat.php and the (2) lang parameter to banref.php.