CVE-2007-5465
published 2007-10-15CVE-2007-5465: Directory traversal vulnerability in doop CMS 1.3.7 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the…
PriorityP341high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
2.49%
82.6th percentile
Directory traversal vulnerability in doop CMS 1.3.7 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter to an unspecified component.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mydoop | doop_cms | <= 1.3.7 | — |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_redhat7.5HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-5gg2-hxgm-989h: Directory traversal vulnerability in doop CMS 1
ghsa_unreviewed·2022-05-01
CVE-2007-5465 [HIGH] CWE-22 GHSA-5gg2-hxgm-989h: Directory traversal vulnerability in doop CMS 1
Directory traversal vulnerability in doop CMS 1.3.7 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter to an unspecified component.
Red Hat
php htmlentities/htmlspecialchars multibyte sequences
vendor_redhat·2007-11-08·CVSS 7.5
CVE-2007-5898 [HIGH] php htmlentities/htmlspecialchars multibyte sequences
php htmlentities/htmlspecialchars multibyte sequences
The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465.
No detection rules found.
No writeups or analysis indexed.
http://osvdb.org/37864http://secunia.com/advisories/27255http://www.securityfocus.com/bid/26075https://exchange.xforce.ibmcloud.com/vulnerabilities/37205https://www.exploit-db.com/exploits/4536http://osvdb.org/37864http://secunia.com/advisories/27255http://www.securityfocus.com/bid/26075https://exchange.xforce.ibmcloud.com/vulnerabilities/37205https://www.exploit-db.com/exploits/4536
2007-10-15
Published