Vulnerabilities > CVE-2006-5786 - Local File Include vulnerability in E107 0.7.5
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Directory traversal vulnerability in class2.php in e107 0.7.5 and earlier allows remote attackers to read and execute PHP code in arbitrary files via ".." sequences in the e107language_e107cookie cookie to gsitemap.php.
Exploit-Db
| description | e107. CVE-2006-5786. Webapps exploit for php platform |
| file | exploits/php/webapps/2711.php |
| id | EDB-ID:2711 |
| last seen | 2016-01-31 |
| modified | 2006-11-04 |
| platform | php |
| port | |
| published | 2006-11-04 |
| reporter | Kacper |
| source | https://www.exploit-db.com/download/2711/ |
| title | e107 <= 0.75 - e107language_e107cookie Local File Include Exploit |
| type | webapps |
Nessus
| NASL family | CGI abuses |
| NASL id | E107_E107LANGUAGE_E107COOKIE_FILE_INCLUDE.NASL |
| description | The |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 23624 |
| published | 2006-11-06 |
| reporter | This script is Copyright (C) 2006-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/23624 |
| title | e107 class2.php e107language_e107cookie Cookie Traversal Local File Inclusion |