Vulnerabilities > CVE-2007-0389 - Directory Traversal vulnerability in Arsdigita products

047910
CVSS 7.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
NONE
Availability impact
NONE
network
low complexity
arsdigita
exploit available
NVD
Published: 2007-01-19
Updated: 2018-10-16

Summary

Directory traversal vulnerability in ArsDigita Community System (ACS) 3.4.10 and earlier, and ArsDigita Community Education Solution (ACES) 1.1, allows remote attackers to read arbitrary files via .%252e/ (double-encoded dot dot slash) sequences in the URI.

Vulnerable Configurations

Part Description Count
Application
Arsdigita
2

Exploit-Db

descriptionArsDigita Community System 3.4.x Directory Traversal Vulnerability. CVE-2007-0389 . Remote exploit for linux platform
idEDB-ID:29496
last seen2016-02-03
modified2007-01-18
published2007-01-18
reporterElliot Kendall
sourcehttps://www.exploit-db.com/download/29496/
titleArsDigita Community System 3.4.x - Directory Traversal Vulnerability

References