CVE-2007-6213
published 2007-12-04CVE-2007-6213: Multiple directory traversal vulnerabilities in mod/chat/index.php in WebED 0.0.9 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1)…
PriorityP432medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
6.75%
93.2th percentile
Multiple directory traversal vulnerabilities in mod/chat/index.php in WebED 0.0.9 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) Root and (2) Path parameters.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| webed | webed | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Harlandscripts Pro Traffic One - 'mypage.php' SQL Injection
exploitdb·2008-10-29
CVE-2008-6213 Harlandscripts Pro Traffic One - 'mypage.php' SQL Injection
Harlandscripts Pro Traffic One - 'mypage.php' SQL Injection
---
################################################################
# .___ __ _______ .___ #
# __| _/____ _______| | __ ____ \ _ \ __| _/____ #
# / __ |\__ \\_ __ \ |/ // ___\/ /_\ \ / __ |/ __ \ #
# / /_/ | / __ \| | \/ \_____ /\_____|\____\ #
# \/ \/ \/ #
# ___________ ______ _ __ #
# _/ ___\_ __ \_/ __ \ \/ \/ / #
# \ \___| | \/\ ___/\ / #
# \___ >__| \___ >\/\_/ #
# est.2007 \/ \/ forum.darkc0de.com #
################################################################
# --d3hydr8 -rsauron-baltazar -sinner_01 -C1c4Tr1Z - r45s4l #
# ---QKrun1x-P47tr1ck - FeDeReR -MAGE -JeTFyrE #
# and all darkc0de members ---#
################################################################
#
# Author: Beenu Arora
#
# Home : www.BeenuArora.com
#
Exploit-DB
WebED 0.0.9 - 'index.php' Remote File Disclosure
exploitdb·2007-11-29
CVE-2007-6213 WebED 0.0.9 - 'index.php' Remote File Disclosure
WebED 0.0.9 - 'index.php' Remote File Disclosure
---
WebED v0.0.9 (index.php) Remote File Disclosure Vulnerabilities
Script : http://heanet.dl.sourceforge.net/sourceforge/ed-engine/WebED_v0.0.9.tar.gz
Vuln Code In /mod/chat/index.php :
PoC :
/mod/chat/index.php?Root=../../../../../../etc/passwd
/mod/chat/index.php?Path=../../../../../../etc/pa
# milw0rm.com [2007-11-29]
No writeups or analysis indexed.
2007-12-04
Published