CVE-2007-0609 - Directory traversal vulnerability in Advanced Guestbook 2.4.2 allows remote attackers to bypass .hta

CVE-2007-0609

Summary

Directory traversal vulnerability in Advanced Guestbook 2.4.2 allows remote attackers to bypass .htaccess settings, and execute arbitrary PHP local files or read arbitrary local templates, via a .. (dot dot) in a lang cookie, followed by a filename without its .php extension, as demonstrated via a request to index.php.

References

Vulnerable Configurations

cpe:2.3:a:advanced_guestbook:advanced_guestbook:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:advanced_guestbook:advanced_guestbook:2.4.2:*:*:*:*:*:*:*

CVSS

Base:	5.1 (as of 16-10-2018 - 16:33)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	HIGH	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:H/Au:N/C:P/I:P/A:P

refmap via4

bid	23876
bugtraq	20070507 Advanced Guestbook version 2.4.2 Directory Traversal Vulnerability 20070507 Advanced Guestbook version 2.4.2 Multiple XSS Attack Vulnerabilities
misc	http://www.netvigilance.com/advisory0012 http://www.netvigilance.com/advisory0013
secunia	25153
sreason	2662
vupen	ADV-2007-1726
xf	advanced-index-directory-traversal(34152)

Last major update

16-10-2018 - 16:33

Published

09-05-2007 - 17:19

Last modified

16-10-2018 - 16:33