Vulnerabilities > CVE-2007-0118 - Directory Traversal vulnerability in Edittag 1.2

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
edittag
exploit available

Summary

Multiple absolute path traversal vulnerabilities in EditTag 1.2 allow remote attackers to read arbitrary files via an absolute pathname in the file parameter to (1) edittag.cgi, (2) edittag.pl, (3) edittag_mp.cgi, or (4) edittag_mp.pl.

Vulnerable Configurations

Part Description Count
Application
Edittag
1

Exploit-Db

  • descriptionEditTag 1.2 edittag.pl file Variable Arbitrary File Disclosure. CVE-2007-0118. Webapps exploit for cgi platform
    idEDB-ID:29391
    last seen2016-02-03
    modified2007-01-05
    published2007-01-05
    reporterNetJackal
    sourcehttps://www.exploit-db.com/download/29391/
    titleEditTag 1.2 edittag.pl file Variable Arbitrary File Disclosure
  • descriptionEditTag 1.2 edittag_mp.cgi file Variable Arbitrary File Disclosure. CVE-2007-0118. Webapps exploit for cgi platform
    idEDB-ID:29392
    last seen2016-02-03
    modified2007-01-05
    published2007-01-05
    reporterNetJackal
    sourcehttps://www.exploit-db.com/download/29392/
    titleEditTag 1.2 edittag_mp.cgi file Variable Arbitrary File Disclosure
  • descriptionEditTag 1.2 edittag_mp.pl file Variable Arbitrary File Disclosure. CVE-2007-0118. Webapps exploit for cgi platform
    idEDB-ID:29393
    last seen2016-02-03
    modified2007-01-05
    published2007-01-05
    reporterNetJackal
    sourcehttps://www.exploit-db.com/download/29393/
    titleEditTag 1.2 edittag_mp.pl file Variable Arbitrary File Disclosure
  • descriptionEditTag 1.2 edittag.cgi file Variable Arbitrary File Disclosure. CVE-2007-0118 . Webapps exploit for cgi platform
    idEDB-ID:29390
    last seen2016-02-03
    modified2007-01-05
    published2007-01-05
    reporterNetJackal
    sourcehttps://www.exploit-db.com/download/29390/
    titleEditTag 1.2 edittag.cgi file Variable Arbitrary File Disclosure