Vulnerabilities > CVE-2007-1449 - Local File Include and SQL Injection vulnerability in PHP-Nuke Lang Parameter
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE network
phpnuke
Summary
Directory traversal vulnerability in mainfile.php in PHP-Nuke 8.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 12 |