CVE-2007-0205

NONECVSS 0.0

0.0

Directory traversal vulnerability in admin/skins.php for @lex Guestbook 4.0.2 and earlier allows remote attackers to create files in arbitrary directories via ".." sequences in the (1) aj_skin and (2) skin_edit parameters. NOTE: this can be leveraged for file inclusion by creating a skin file in the lang directory, then referencing that file via the lang parameter to index.php, which passes a sanity check in livre_include.php.

🔗 References (16)

cve@mitrehttp://acid-root.new.fr/poc/20070107.txt
cve@mitrehttp://osvdb.org/31708
cve@mitrehttp://osvdb.org/31709
cve@mitrehttp://securityreason.com/securityalert/2135
cve@mitrehttp://www.securityfocus.com/archive/1/456218/100/0/threaded
cve@mitrehttp://www.securityfocus.com/bid/21926
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/31397
cve@mitrehttps://www.exploit-db.com/exploits/3103
af854a3a-2127-422b-91ae-364da2661108http://acid-root.new.fr/poc/20070107.txt
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/31708
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/31709
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/2135
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/456218/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/21926
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/31397

Is Your Infrastructure Affected by CVE-2007-0205?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-0205

📅 Published

🔄 Last Modified

🔗 References (16)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-0205?