Vulnerabilities > CVE-2007-3002 - Unspecified vulnerability in PHP Jackknife PHP Jackknife 2.21
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
PHP JackKnife (PHPJK) allows remote attackers to obtain sensitive information via (1) a request to index.php with an invalid value of the iParentUnq[] parameter, or a request to G_Display.php with an invalid (2) iCategoryUnq[] or (3) sSort[] array parameter, which reveals the path in various error messages.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://osvdb.org/45393
- http://osvdb.org/45393
- http://osvdb.org/45394
- http://osvdb.org/45394
- http://securityreason.com/securityalert/2768
- http://securityreason.com/securityalert/2768
- http://www.securityfocus.com/archive/1/470111/100/0/threaded
- http://www.securityfocus.com/archive/1/470111/100/0/threaded
- http://www.securityfocus.com/bid/24253
- http://www.securityfocus.com/bid/24253
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34644
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34644