CVE-2007-6581 (Social Engine) |
|
| BugsAlert Home > CVE-2007-6581 (Social Engine) | |
|
Multiple directory traversal vulnerabilities in Social Engine 2.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the global_lang parameter to (1) header_album.php, (2) header_blog.php, or (3) header_group.php; or (4) admin_header_album.php, (5) admin_header_blog.php, or (6) admin_header_group.php in admin/. Original Source: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6581 Learn more about CVE-2007-6581 (Social Engine) |
|
| Tags: cve-2007-6581 social engine | |
Related Items |
|
|
FrSIRT - Mandriva Security Update Fixes OpenSSL Denial of Service Issues
|
|
|
#2036: Domain relaxation is not working in IE7.
|
|
|
HTML_BADSRC.C
|
|
|
CVE-2008-3249 (thinkvantage_system_update)
|
|
|
FrSIRT - Microsoft Windows Messenger Data Disclosure (MS08-050)
|
|
|
phpMyRealty <= 1.0.9 Multiple Remote SQL Injection Vulnerabilities
|
|
|
Mandriva: Subject: [Security Announce] [ MDVA-2008:155 ] kdebase4-runtime
|
|
