Vulnerabilities > CVE-2007-0987 - Scripts Multiple Input Validation vulnerability in Jupiter CMS Jupiter CMS 1.1.5

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
jupiter-cms
exploit available

Summary

Directory traversal vulnerability in index.php in Jupiter CMS 1.1.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot), or an absolute pathname, in the n parameter.

Vulnerable Configurations

Part Description Count
Application
Jupiter_Cms
1

Exploit-Db

descriptionJupiter CMS 1.1.5 (index.php) Local/Remote File Include Vulnerability. CVE-2007-0986,CVE-2007-0987. Webapps exploit for php platform
fileexploits/php/webapps/3309.txt
idEDB-ID:3309
last seen2016-01-31
modified2007-02-14
platformphp
port
published2007-02-14
reporterDarkFig
sourcehttps://www.exploit-db.com/download/3309/
titleJupiter CMS 1.1.5 index.php Local/Remote File Include Vulnerability
typewebapps