Vulnerabilities > CVE-2007-3523 - Local File Include vulnerability in Groupeclan.Free.Fr Xcms 1.1

047910
CVSS 6.4 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
groupeclan-free-fr
exploit available

Summary

Multiple directory traversal vulnerabilities in Module/Galerie.php in XCMS 1.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) Ent or (2) Lang parameter.

Vulnerable Configurations

Part Description Count
Application
Groupeclan.Free.Fr
1

Exploit-Db

descriptionXCMS 1.1 (Galerie.php) Local File Inclusion Vulnerabilities. CVE-2007-3523. Webapps exploit for php platform
fileexploits/php/webapps/4131.txt
idEDB-ID:4131
last seen2016-01-31
modified2007-06-30
platformphp
port
published2007-06-30
reporterBlackNDoor
sourcehttps://www.exploit-db.com/download/4131/
titleXCMS 1.1 Galerie.php Local File Inclusion Vulnerabilities
typewebapps