PT-2007-5915 · Pawfaliki · Pawfaliki

Published

2007-09-08

Updated

2017-07-29

CVE-2007-4764

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Pawfaliki version 0.5.1

Description: A directory traversal issue exists, allowing remote attackers to list arbitrary files by utilizing a .. (dot dot) in the page parameter of the pawfaliki.php file.

Recommendations: For Pawfaliki version 0.5.1, consider restricting access to the pawfaliki.php file until a patch is available, or avoid using the page parameter with untrusted input to minimize the risk of exploitation.

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2007-4764

Affected Products

Pawfaliki

PT-2007-5915 · Pawfaliki · Pawfaliki

CVE-2007-4764

Weakness Enumeration

Related Identifiers

Affected Products

References · 5