CVE-2007-5642

NONECVSS 0.0

0.0

Multiple directory traversal vulnerabilities in PHP Project Management 0.8.10 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the def_lang parameter to modules/files/list.php; the m_path parameter to (2) modules/projects/summary.inc.php or (3) modules/tasks/summary.inc.php; (4) the module parameter to modules/projects/list.php; or the module parameter to index.php in the (5) certinfo, (6) emails, (7) events, (8) fax, (9) files, (10) groupadm, (11) history, (12) info, (13) log, (14) mail, (15) messages, (16) organizations, (17) phones, (18) presence, (19) projects, (20) reports, (21) search, (22) snf, (23) syslog, (24) tasks, or (25) useradm subdirectory of modules/.

🔗 References (28)

cve@mitrehttp://osvdb.org/41951
cve@mitrehttp://osvdb.org/41954
cve@mitrehttp://osvdb.org/41955
cve@mitrehttp://osvdb.org/41956
cve@mitrehttp://osvdb.org/41960
cve@mitrehttp://osvdb.org/41963
cve@mitrehttp://osvdb.org/41970
cve@mitrehttp://osvdb.org/41972
cve@mitrehttp://osvdb.org/41974
cve@mitrehttp://osvdb.org/41975
cve@mitrehttp://secunia.com/advisories/27347
cve@mitrehttp://www.securityfocus.com/bid/26148
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/37348
cve@mitrehttps://www.exploit-db.com/exploits/4549
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/41951

Is Your Infrastructure Affected by CVE-2007-5642?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-5642

📅 Published

🔄 Last Modified

🔗 References (28)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-5642?