Vulnerabilities > CVE-2007-3535 - Unspecified vulnerability in Frank Karau Gl-Sh Deaf Forum
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN frank-karau
exploit available
Summary
Multiple directory traversal vulnerabilities in GL-SH Deaf Forum 6.4.4 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) FORUM_LANGUAGE parameter to functions.php or the (2) style parameter to bottom.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description GL-SH Deaf Forum <= 6.5.5 Multiple Remote Vulnerabilities. CVE-2007-3535. Webapps exploit for php platform id EDB-ID:5870 last seen 2016-01-31 modified 2008-06-20 published 2008-06-20 reporter BugReport.IR source https://www.exploit-db.com/download/5870/ title gl-sh deaf forum <= 6.5.5 - Multiple Vulnerabilities description GL-SH Deaf Forum <= 6.4.4 Local File Inclusion Vulnerabilities. CVE-2007-3535. Webapps exploit for php platform file exploits/php/webapps/4124.txt id EDB-ID:4124 last seen 2016-01-31 modified 2007-06-28 platform php port published 2007-06-28 reporter Katatafish source https://www.exploit-db.com/download/4124/ title GL-SH Deaf Forum <= 6.4.4 - Local File Inclusion Vulnerabilities type webapps
References
- http://osvdb.org/37110
- http://osvdb.org/37110
- http://osvdb.org/37111
- http://osvdb.org/37111
- http://secunia.com/advisories/25893
- http://secunia.com/advisories/25893
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35160
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35160
- https://www.exploit-db.com/exploits/4124
- https://www.exploit-db.com/exploits/4124