Vulnerabilities > CVE-2007-2050 - Local File Include vulnerability in Ricargbook 1.2.1

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
ricargbook
exploit available
NVD
Published: 2007-04-16
Updated: 2017-10-11

Summary

Multiple directory traversal vulnerabilities in header.php in RicarGBooK 1.2.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) a lang cookie or (2) the language parameter.

Vulnerable Configurations

Part Description Count
Application
Ricargbook
1

Exploit-Db

descriptionRicarGBooK 1.2.1 (header.php lang) Local File Inclusion Vulnerability. CVE-2007-2050. Webapps exploit for php platform
fileexploits/php/webapps/3718.txt
idEDB-ID:3718
last seen2016-01-31
modified2007-04-12
platformphp
port
published2007-04-12
reporterDj7xpl
sourcehttps://www.exploit-db.com/download/3718/
titleRicarGBooK 1.2.1 header.php lang Local File Inclusion Vulnerability
typewebapps

References