Vulnerabilities > CVE-2007-2285 - Directory Traversal vulnerability in Jack Slocum EXT JS 1.0Alpha1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
NONE Availability impact
NONE Summary
Directory traversal vulnerability in examples/layout/feed-proxy.php in Jack Slocum Ext 1.0 alpha1 (Ext JS) allows remote attackers to read arbitrary files via a .. (dot dot) in the feed parameter. NOTE: analysis by third party researchers indicates that this issue might be platform dependent.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Ext 1.0 (feed-proxy.php feed) Remote File Disclosure Vulnerability. CVE-2007-2285. Webapps exploit for php platform |
file | exploits/php/webapps/3800.txt |
id | EDB-ID:3800 |
last seen | 2016-01-31 |
modified | 2007-04-25 |
platform | php |
port | |
published | 2007-04-25 |
reporter | Alkomandoz Hacker |
source | https://www.exploit-db.com/download/3800/ |
title | Ext 1.0 feed-proxy.php feed Remote File Disclosure Vulnerability |
type | webapps |
References
- http://attrition.org/pipermail/vim/2007-April/001545.html
- http://attrition.org/pipermail/vim/2007-April/001546.html
- http://attrition.org/pipermail/vim/2007-April/001549.html
- http://osvdb.org/35561
- http://www.securityfocus.com/bid/23643
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33864
- https://www.exploit-db.com/exploits/3800