CVE-2007-0821

Name of the Vulnerable Software and Affected Versions: PortailPhp 2

Description: The issue allows remote attackers to read arbitrary files via a .. (dot dot) in the chemin parameter to "/mod news/index.php" or "/mod news/goodies.php" API endpoints.

Recommendations: For PortailPhp 2, restrict access to the chemin parameter in the "/mod news/index.php" and "/mod news/goodies.php" API endpoints to prevent directory traversal attacks. Consider validating and sanitizing user input for the chemin parameter to minimize the risk of exploitation.