CyberSec.Space Logo
Back to CVE Browser

CVE-2007-2200

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0690%
EPSS Percentile21.71th
PublishedApr 24, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Directory traversal vulnerability in navigator/navigator_ok.php in Pagode 0.5.8 allows remote attackers to read and possibly delete arbitrary files via a .. (dot dot) in the asolute parameter.

Affected Platforms (CPE)

πŸ“¦
Pagode

Pagode

= 0.5.8

References & Advisories

πŸ”— http://osvdb.org/35311
πŸ”— http://osvdb.org/35312
πŸ”— http://secunia.com/advisories/24992
πŸ”— http://www.securityfocus.com/bid/23617
πŸ”— http://www.vupen.com/english/advisories/2007/1512
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/33848
πŸ”— https://www.exploit-db.com/exploits/3783
πŸ”— http://osvdb.org/35311

Related Vulnerabilities

CVE-2007-049610.0

PHP remote file inclusion vulnerability in lib/nl/nl.php in Neon Labs Website (nlws) 3.2 and earlier allows remote attackers to ex...

CVE-2007-101510.0

SQL injection vulnerability in HaberDetay.asp in Aktueldownload Haber script allows remote attackers to execute arbitrary SQL comm...

CVE-2007-350010.0

Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie.

CVE-2007-107310.0

Static code injection vulnerability in install.php in mcRefer allows remote attackers to execute arbitrary PHP code via the bgcolo...