Info

Last Modified

5 months ago

Percent Complete

15%

Disclosure

Apr 19, 2007

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

This Entry needs help! It is only 15% Complete. Click the edit link above to add more information.

Contributing is fast and easy, and benefits the entire security community.

Keywords

No Keywords

Description

(Description Provided by CVE) : Directory traversal vulnerability in upload/force_download.php in Zomplog 3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.

Classification

Location: Remote/Network Access Required
Attack Type: Input Manipulation
OSVDB: Web Related

Products

Unknown or Incomplete

References

CVE ID: 2007-2157 (see also: NVD)
Bugtraq ID: 23553
Secunia Advisory ID: 24899
ISS X-Force ID: 33740
Related OSVDB ID: 35017
Milw0rm: 3764
FrSIRT Advisory: ADV-2007-1449
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2008-05/0102.html
Other Advisory URL: http://kandangjamur.net/tutorial/multiple-application.txt

Credit

Unknown or Incomplete

Blogs

Provided by Technorati

None found at this time

Comments

Add Comment Hide Add Comment

No Comments.

DONATE NOW!

User Status

Account
- Login
- Sign-Up

Quick Searches