PT-2007-7305 · Phpay · Phpay

Michael Brooks

Published

2007-12-20

Updated

2018-10-15

CVE-2007-6471

CVSS v2.0

5.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions phPay version 2.02.01

Description The issue allows remote attackers to conduct directory traversal attacks and include and execute arbitrary local files via a .. (dot dot backslash) in the config parameter. This is due to an incomplete blacklist vulnerability in the main.php file.

Recommendations For phPay version 2.02.01, consider restricting access to the config parameter in the main.php file to minimize the risk of exploitation. Avoid using the config parameter with untrusted input until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2007-6471

Affected Products

Phpay

PT-2007-7305 · Phpay · Phpay

CVE-2007-6471

Weakness Enumeration

Related Identifiers

Affected Products

References · 8