Description

Directory traversal vulnerability in class2.php in e107 0.7.5 and earlier allows remote attackers to read and execute PHP code in arbitrary files via ".." sequences in the e107language_e107cookie cookie to gsitemap.php.

Remediation

References

CVE-2006-5786

Related Vulnerabilities

Oracle JRE CVE-2012-1716 Vulnerability (CVE-2012-1716)

WordPress Plugin Be POPIA Compliant Information Disclosure (1.1.5)

Ruby on Rails Resource Management Errors Vulnerability (CVE-2016-0751)

MySQL CVE-2016-0503 Vulnerability (CVE-2016-0503)

OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0701)

Severity

High

Classification

CVE-2006-5786

Tags

Missing Update Known Vulnerabilities