CVE-2007-0804
N/A
N/A
Summary
Directory traversal vulnerability in admin/subpages.php in GGCMS 1.1.0 RC1 and earlier allows remote attackers to inject arbitrary PHP code into arbitrary files via ".." sequences in the subpageName parameter, as demonstrated by injecting PHP code into a template file.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.vupen.com/english/advisories/2007/0492
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32211
- http://www.securityfocus.com/bid/22412
- https://www.exploit-db.com/exploits/3271
- http://osvdb.org/35849
References
- http://www.vupen.com/english/advisories/2007/0492
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32211
- http://www.securityfocus.com/bid/22412
- https://www.exploit-db.com/exploits/3271
- http://osvdb.org/35849
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.