Vulnerabilities > CVE-2007-1906

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

ecardmax-com

mybb

exploit available

NVD

Published: 2007-04-10

Updated: 2024-11-21

Summary

Directory traversal vulnerability in richedit/keyboard.php in eCardMAX HotEditor (Hot Editor) 4.0, and the HotEditor plugin for MyBB, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the first parameter.

Vulnerable Configurations

Part	Description	Count
Application	Ecardmax.Com Ecardmax.Com HOT Editor 4.0	1
Application	Mybb Mybb Mybb HOT Editor Plugin *	1

Exploit-Db

description	eCardMAX HotEditor 4.0 Keyboard.PHP Local File Include Vulnerability. CVE-2007-1906 . Webapps exploit for php platform
id	EDB-ID:29827
last seen	2016-02-03
modified	2007-04-09
published	2007-04-09
reporter	Liz0ziM
source	https://www.exploit-db.com/download/29827/
title	eCardMAX HotEditor 4.0 Keyboard.PHP Local File Include Vulnerability

Vulnerabilities > CVE-2007-1906 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2007-1906"}]}

Summary

Vulnerable Configurations

Exploit-Db

References

Vulnerabilities > CVE-2007-1906