CVE-2007-5103

2007-09-2622:00:00

mitre

www.cve.org

AI Score

7.1

Confidence

High

EPSS

0.008

Percentile

81.3%

JSON

Directory traversal vulnerability in config.inc.php in Wordsmith 1.0 RC1, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the _path parameter.

References

osvdb.org/38576

secunia.com/advisories/26924

www.exploit-db.com/exploits/4446