Vulnerabilities > CVE-2007-2252 - Unspecified vulnerability in Exponent CMS 0.96.5Rc1/0.96.6Alpha
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN exponent
exploit available
Summary
Directory traversal vulnerability in iconspopup.php in Exponent CMS 0.96.6 Alpha and earlier allows remote attackers to obtain sensitive information via a .. (dot dot) in the icodir parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Exploit-Db
| description | Exponent CMS 0.96.5/ 0.96.6 iconspopup.php icodir Variable Traversal Arbitrary Directory Listing. CVE-2007-2252. Webapps exploit for php platform |
| id | EDB-ID:29872 |
| last seen | 2016-02-03 |
| modified | 2007-04-20 |
| published | 2007-04-20 |
| reporter | Hamid Ebadi |
| source | https://www.exploit-db.com/download/29872/ |
| title | Exponent CMS 0.96.5/ 0.96.6 iconspopup.php icodir Variable Traversal Arbitrary Directory Listing |
References
- http://osvdb.org/35051
- http://osvdb.org/35051
- http://secunia.com/advisories/24934
- http://secunia.com/advisories/24934
- http://www.bugtraq.ir/articles/advisory/exponent_multiple_vulnerabilities/10
- http://www.bugtraq.ir/articles/advisory/exponent_multiple_vulnerabilities/10
- http://www.securityfocus.com/bid/23574
- http://www.securityfocus.com/bid/23574
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33936
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33936