CVE-2007-6086 - OpenCVE

Directory traversal vulnerability in index.php in VigileCMS 1.4 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the module parameter.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Vigilecms	Vigilecms

Configuration 1 [-]

cpe:2.3:a:vigilecms:vigilecms:1.4:*:*:*:*:*:*:*

References

Link	Resource
http://www.securityfocus.com/archive/1/483907/100/0/threaded
http://www.securityfocus.com/bid/26484
https://exchange.xforce.ibmcloud.com/vulnerabilities/38557
https://www.exploit-db.com/exploits/4632

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2007-11-22T00:00:00

Updated: 2018-10-15T20:57:01

Reserved: 2007-11-21T00:00:00

Link: CVE-2007-6086

JSON object: View

NVD Information

Status : Modified

Published: 2007-11-22T00:46:00.000

Modified: 2018-10-15T21:49:42.900

Link: CVE-2007-6086

JSON object: View

Redhat Information

No data.

CWE

CWE-22

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-11-18T00:00:00", "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in index.php in VigileCMS 1.4 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the module parameter."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "4632", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/4632"}, {"name": "26484", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/26484"}, {"name": "20071118 VigileCMS 1.4 Multiple Remote Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/483907/100/0/threaded"}, {"name": "vigilecms-index-file-include(38557)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38557"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-6086", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Directory traversal vulnerability in index.php in VigileCMS 1.4 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the module parameter."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "4632", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/4632"}, {"name": "26484", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26484"}, {"name": "20071118 VigileCMS 1.4 Multiple Remote Vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/483907/100/0/threaded"}, {"name": "vigilecms-index-file-include(38557)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38557"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-6086", "datePublished": "2007-11-22T00:00:00", "dateReserved": "2007-11-21T00:00:00", "dateUpdated": "2018-10-15T20:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}