CVE-2007-0821
published 2007-02-07CVE-2007-0821: Multiple directory traversal vulnerabilities in Cedric CLAIRE PortailPhp 2 allow remote attackers to read arbitrary files via a .. (dot dot) in the chemin…
PriorityP430medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
7.26%
93.6th percentile
Multiple directory traversal vulnerabilities in Cedric CLAIRE PortailPhp 2 allow remote attackers to read arbitrary files via a .. (dot dot) in the chemin parameter to (1) mod_news/index.php or (2) mod_news/goodies.php. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cedric | claire_portailphp | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
PortailPHP 2 - '/mod_news/goodies.php?chemin' Traversal Arbitrary File Access
exploitdb·2007-02-03
CVE-2007-0821 PortailPHP 2 - '/mod_news/goodies.php?chemin' Traversal Arbitrary File Access
PortailPHP 2 - '/mod_news/goodies.php?chemin' Traversal Arbitrary File Access
---
source: https://www.securityfocus.com/bid/22381/info
PortailPHP is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input.
A successful exploit of these issues allows an attacker to execute arbitrary server-side script code on an affected computer with the privileges of the webserver process. This may facilitate unauthorized access.
PortailPHP 2 is vulnerable to these issues; other versions may also be affected.
http://www.example.com/mod_news/goodies.php?chemin=../../../../../../../../../../../../../etc/passwd%00
Exploit-DB
PortailPHP 2 - '/mod_news/index.php?chemin' Traversal Arbitrary File Access
exploitdb·2007-02-03
CVE-2007-0821 PortailPHP 2 - '/mod_news/index.php?chemin' Traversal Arbitrary File Access
PortailPHP 2 - '/mod_news/index.php?chemin' Traversal Arbitrary File Access
---
source: https://www.securityfocus.com/bid/22381/info
PortailPHP is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input.
A successful exploit of these issues allows an attacker to execute arbitrary server-side script code on an affected computer with the privileges of the webserver process. This may facilitate unauthorized access.
PortailPHP 2 is vulnerable to these issues; other versions may also be affected.
http://www.example.commod_news/index.php?chemin=../../../../../../../../../../../../../etc/passwd%00
No writeups or analysis indexed.
2007-02-07
Published