CVE-2007-5454

Name of the Vulnerable Software and Affected Versions: PHP File Sharing System version 1.5.1

Description: The issue allows remote attackers to perform unauthorized actions such as listing or creating arbitrary directories, or deleting arbitrary files. This can be achieved by exploiting a directory traversal vulnerability in the index.php file, for example, by using a .. (dot dot) in the cam parameter.

Recommendations: For PHP File Sharing System version 1.5.1, consider restricting access to the vulnerable index.php file until a patch is available. As a temporary workaround, avoid using the cam parameter in the affected API endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.