CVE-2007-2778

Name of the Vulnerable Software and Affected Versions MolyX BOARD version 2.5.0

Description The issue allows remote attackers to read arbitrary files due to multiple directory traversal vulnerabilities. This can be achieved by including a .. (dot dot) in the lang parameter to "index.php" and other unspecified PHP scripts.

Recommendations For MolyX BOARD version 2.5.0, consider restricting access to the lang parameter in the "index.php" script until a patch is available. As a temporary workaround, avoid using the lang parameter with untrusted input to minimize the risk of exploitation.