Vulnerabilities > CVE-2007-3404 - Local File Include vulnerability in Sitedepth CMS 3.44

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
sitedepth
exploit available

Summary

Directory traversal vulnerability in ShowImage.php in SiteDepth CMS 3.44 allows remote attackers to read arbitrary files via a .. (dot dot) in the name parameter.

Vulnerable Configurations

Part Description Count
Application
Sitedepth
1

Exploit-Db

descriptionSiteDepth CMS 3.44 (ShowImage.php name) File Disclosure Vulnerability. CVE-2007-3404. Webapps exploit for php platform
fileexploits/php/webapps/4105.txt
idEDB-ID:4105
last seen2016-01-31
modified2007-06-25
platformphp
port
published2007-06-25
reporterH4 / XPK
sourcehttps://www.exploit-db.com/download/4105/
titleSiteDepth CMS 3.44 - ShowImage.php name File Disclosure Vulnerability
typewebapps