CVE-2007-2050
published 2007-04-16CVE-2007-2050: Multiple directory traversal vulnerabilities in header.php in RicarGBooK 1.2.1 allow remote attackers to include and execute arbitrary local files via a .…
PriorityP430medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
3.44%
87.5th percentile
Multiple directory traversal vulnerabilities in header.php in RicarGBooK 1.2.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) a lang cookie or (2) the language parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ricargbook | ricargbook | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Nortel Networks UNIStim IP SoftPhone 2050 - RTCP Port Buffer Overflow
exploitdb·2007-10-18
CVE-2007-5636 Nortel Networks UNIStim IP SoftPhone 2050 - RTCP Port Buffer Overflow
Nortel Networks UNIStim IP SoftPhone 2050 - RTCP Port Buffer Overflow
---
source: https://www.securityfocus.com/bid/26118/info
Nortel Networks UNIStim IP Softphone is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.
An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
Flood.java
/**
* June, 2007 - Cyrill Brunschwiler - COMPASS SECURITY AG
*
* No warranty, all rights reserved.
*/
package ch.csnc.udpollution;
import java.io.IOException;
import java.net.DatagramPacket;
import java.net.DatagramSocket;
import java.net.InetSocketAddress;
imp
Exploit-DB
RicarGBooK 1.2.1 - 'lang' Local File Inclusion
exploitdb·2007-04-12
CVE-2007-2050 RicarGBooK 1.2.1 - 'lang' Local File Inclusion
RicarGBooK 1.2.1 - 'lang' Local File Inclusion
---
-=-=-=-=-=-=-=-=-=-=-=-=-=I=R=A=N=-=-=-=-=-=-=-=-=-=-=-=-=-=-
RicarGBooK 1.2.1
-=-=-=-=-=-=-=-=-=-=-=-=D=J=7=X=P=L=-=-=-=-=-=-=-=-=-=-=-=-=-
-=-=-=-=-=-=-=-=-=-=-=-=-=I=R=A=N=-=-=-=-=-=-=-=-=-=-=-=-=-=-
* Author :
Dj7xpl / Dj7xpl[at]Yahoo[dot]com
* Type :
Local File Inclusion Vulnerabilitiy By Cookie
* Download :
http://ricargbook.adrielmedia.com
-=-=-=-=-=-=-=-=-=-=-=-=D=J=7=X=P=L=-=-=-=-=-=-=-=-=-=-=-=-=-
-=-=-=-=-=-=-=-=-=-=-=-=-=I=R=A=N=-=-=-=-=-=-=-=-=-=-=-=-=-=-
* Vuln Code : -=-= Header.php =-=-
if (isset($HTTP_COOKIE_VARS["lang"])) {
$guest_lang = $HTTP_COOKIE_VARS["lang"];
include ('languages/'.$guest_lang);
} else {
$guest_lang = $language;
include ('languages/'.$language);
-=-=-=-=-=-=-=-=-=-=-=-=D=J=7=X=P=L=-=-
No writeups or analysis indexed.
http://osvdb.org/34909http://secunia.com/advisories/24858http://www.securityfocus.com/bid/23450http://www.vupen.com/english/advisories/2007/1370https://exchange.xforce.ibmcloud.com/vulnerabilities/33596https://www.exploit-db.com/exploits/3718http://osvdb.org/34909http://secunia.com/advisories/24858http://www.securityfocus.com/bid/23450http://www.vupen.com/english/advisories/2007/1370https://exchange.xforce.ibmcloud.com/vulnerabilities/33596https://www.exploit-db.com/exploits/3718
2007-04-16
Published