Vulnerabilities > CVE-2007-3772 - File-Upload vulnerability in Psnews 1.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
Directory traversal vulnerability in news/show.php in PsNews 1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the newspath parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | PsNews 1.1 (show.php newspath) Local File Inclusion Vulnerability. CVE-2007-3772. Webapps exploit for php platform |
file | exploits/php/webapps/4174.txt |
id | EDB-ID:4174 |
last seen | 2016-01-31 |
modified | 2007-07-12 |
platform | php |
port | |
published | 2007-07-12 |
reporter | irk4z |
source | https://www.exploit-db.com/download/4174/ |
title | PsNews 1.1 show.php newspath Local File Inclusion Vulnerability |
type | webapps |