Vulnerabilities > CVE-2007-2252 - Input Validation vulnerability in Exponent CMS 0.96.5Rc1/0.96.6Alpha
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Directory traversal vulnerability in iconspopup.php in Exponent CMS 0.96.6 Alpha and earlier allows remote attackers to obtain sensitive information via a .. (dot dot) in the icodir parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Exploit-Db
| description | Exponent CMS 0.96.5/ 0.96.6 iconspopup.php icodir Variable Traversal Arbitrary Directory Listing. CVE-2007-2252. Webapps exploit for php platform |
| id | EDB-ID:29872 |
| last seen | 2016-02-03 |
| modified | 2007-04-20 |
| published | 2007-04-20 |
| reporter | Hamid Ebadi |
| source | https://www.exploit-db.com/download/29872/ |
| title | Exponent CMS 0.96.5/ 0.96.6 iconspopup.php icodir Variable Traversal Arbitrary Directory Listing |