Vulnerabilities > CVE-2007-1933 - File-Upload vulnerability in Dreamcodes Pcp-Guestbook 3.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple directory traversal vulnerabilities in PcP-Guestbook (PcP-Book) 3.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter to (1) index.php, (2) gb.php, or (3) faq.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | PcP-Guestbook 3.0 (lang) Local File Inclusion Vulnerabilities. CVE-2007-1933. Webapps exploit for php platform |
file | exploits/php/webapps/3689.txt |
id | EDB-ID:3689 |
last seen | 2016-01-31 |
modified | 2007-04-08 |
platform | php |
port | |
published | 2007-04-08 |
reporter | Dj7xpl |
source | https://www.exploit-db.com/download/3689/ |
title | PcP-Guestbook 3.0 lang Local File Inclusion Vulnerabilities |
type | webapps |