Vulnerabilities > CVE-2007-2069 - Applications 'dsn[phptype]' Parameter Local File Include vulnerability in openMairie

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

openmairie

exploit available

NVD

Published: 2007-04-18

Updated: 2017-10-11

Summary

Directory traversal vulnerability in scr/soustab.php in openMairie 1.11 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the dsn[phptype] parameter.

Vulnerable Configurations

Part	Description	Count
Application	Openmairie Openmairie Openmairie *	1

Exploit-Db

description	openMairie 1.10 (scr/soustab.php) Local File Inclusion Vulnerability. CVE-2007-2069. Webapps exploit for php platform
file	exploits/php/webapps/3747.txt
id	EDB-ID:3747
last seen	2016-01-31
modified	2007-04-16
platform	php
port
published	2007-04-16
reporter	GoLd_M
source	https://www.exploit-db.com/download/3747/
title	openMairie 1.10 scr/soustab.php Local File Inclusion Vulnerability
type	webapps

Summary

Vulnerable Configurations

Exploit-Db

References