Vulnerabilities > CVE-2007-2285 - Directory Traversal vulnerability in Jack Slocum EXT JS 1.0Alpha1

047910
CVSS 7.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
NONE
Availability impact
NONE
network
low complexity
jack-slocum
exploit available

Summary

Directory traversal vulnerability in examples/layout/feed-proxy.php in Jack Slocum Ext 1.0 alpha1 (Ext JS) allows remote attackers to read arbitrary files via a .. (dot dot) in the feed parameter. NOTE: analysis by third party researchers indicates that this issue might be platform dependent.

Vulnerable Configurations

Part Description Count
Application
Jack_Slocum
1

Exploit-Db

descriptionExt 1.0 (feed-proxy.php feed) Remote File Disclosure Vulnerability. CVE-2007-2285. Webapps exploit for php platform
fileexploits/php/webapps/3800.txt
idEDB-ID:3800
last seen2016-01-31
modified2007-04-25
platformphp
port
published2007-04-25
reporterAlkomandoz Hacker
sourcehttps://www.exploit-db.com/download/3800/
titleExt 1.0 feed-proxy.php feed Remote File Disclosure Vulnerability
typewebapps