Lucene search
MitreCVELIST:CVE-2007-2836HistoryJul 02, 2007 - 7:00 p.m.
CVE-2007-2836
2007-07-0219:00:00
mitre
www.cve.org
1
Directory traversal vulnerability in session.rb in Hiki 0.8.0 through 0.8.6 allows remote attackers to delete arbitrary files via directory traversal sequences in the session ID, which is matched against an insufficiently restrictive regular expression before it is used to construct a filename that is marked for deletion at logout.
References
bugs.debian.org/cgi-bin/bugreport.cgi?bug=430691
hikiwiki.org/en/advisory20070624.html
hikiwiki.org/hiki-0_8_6.patch
jvn.jp/jp/JVN%2305187780/index.html
osvdb.org/37469
secunia.com/advisories/25764
secunia.com/advisories/25874
www.debian.org/security/2007/dsa-1324
www.securityfocus.com/bid/24603
www.vupen.com/english/advisories/2007/2304
exchange.xforce.ibmcloud.com/vulnerabilities/35029
Related
debian
debian
[SECURITY] [DSA 1324-1] New hiki packages fix missing input sanitising
2007-06-28 21:04:32
osv
osv
hiki
2007-06-28 00:00:00
prion
prion
Directory traversal
2007-07-02 19:30:00
Design/Logic Flaw
2007-06-26 17:30:00
nvd
nvd
CVE-2007-2836
2007-07-02 19:30:00
CVE-2007-3395
2007-06-26 17:30:00
nessus
nessus
Debian DSA-1324-1 : hiki - missing input sanitising
2007-07-01 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-1324-1)
2023-03-08 00:00:00
cve
cve
CVE-2007-2836
2007-07-02 19:30:00
CVE-2007-3395
2007-06-26 17:30:00
ubuntucve
ubuntucve
CVE-2007-2836
2007-07-02 00:00:00
debiancve
debiancve
CVE-2007-2836
2007-07-02 19:30:00