Vulnerabilities > CVE-2007-2303 - File-Upload vulnerability in News Manager Deluxe News Manager Deluxe 1.0.1
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Directory traversal vulnerability in includes/footer.php in News Manager Deluxe (NMDeluxe) 1.0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the template parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | NMDeluxe 1.0.1 (footer.php template) Local File Inclusion Exploit. CVE-2007-2303. Webapps exploit for php platform |
| file | exploits/php/webapps/3742.pl |
| id | EDB-ID:3742 |
| last seen | 2016-01-31 |
| modified | 2007-04-15 |
| platform | php |
| port | |
| published | 2007-04-15 |
| reporter | BeyazKurt |
| source | https://www.exploit-db.com/download/3742/ |
| title | NMDeluxe 1.0.1 footer.php template Local File Inclusion Exploit |
| type | webapps |