CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2007-1138

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.0850%
EPSS Percentile36.99th
Published2007年3月2日
Last Modified2026年4月23日

Vulnerability Description

Absolute path traversal vulnerability in list_main_pages.php in Cromosoft Simple Plantilla PHP (SPP) allows remote attackers to list arbitrary directories, and read arbitrary files, via an absolute pathname in the nfolder parameter.

Affected Platforms (CPE)

📦
Cromosoft

Simple Plantilla Php

All versions

References & Advisories

🔗 http://osvdb.org/33138
🔗 http://securityreason.com/securityalert/2332
🔗 http://www.securityfocus.com/archive/1/460913/100/0/threaded
🔗 http://www.securityfocus.com/bid/22669
🔗 http://osvdb.org/33138
🔗 http://securityreason.com/securityalert/2332
🔗 http://www.securityfocus.com/archive/1/460913/100/0/threaded
🔗 http://www.securityfocus.com/bid/22669

相關漏洞威脅

CVE-2007-113910.0

Unrestricted file upload vulnerability in Cromosoft Simple Plantilla PHP (SPP) allows remote attackers to upload arbitrary scripts...

CVE-2007-182310.0

T-Mobile voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling N...

CVE-2007-158710.0

templates/config/mail.tpl in Tim Soderstrom StatsDawg 0.92 allows remote attackers to execute arbitrary programs by specifying the...

CVE-2007-020310.0

Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 have unknown impact and attack vectors.