CVE-2007-5092
published 2007-09-26CVE-2007-5092: Directory traversal vulnerability in index.php in the Dance Music module for phpNuke, when register_globals is enabled, allows remote attackers to include and…
PriorityP334medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
2.30%
81.2th percentile
Directory traversal vulnerability in index.php in the Dance Music module for phpNuke, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in an ACCEPT_FILE array parameter to modules.php.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://osvdb.org/37335http://secunia.com/advisories/26958http://securityreason.com/securityalert/3169http://www.securityfocus.com/archive/1/480578/100/0/threadedhttp://www.securityfocus.com/bid/25806http://www.waraxe.us/advisory-54.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/36772http://osvdb.org/37335http://secunia.com/advisories/26958http://securityreason.com/securityalert/3169http://www.securityfocus.com/archive/1/480578/100/0/threadedhttp://www.securityfocus.com/bid/25806http://www.waraxe.us/advisory-54.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/36772
2007-09-26
Published