Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2007-0335

Published: 18/01/2007 Updated: 16/10/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 690
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Jax Petition Book

Vulnerability Summary

Multiple directory traversal vulnerabilities in Jax Petition Book 1.0.3.06 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the languagepack parameter to (1) jax_petitionbook.php or (2) smileys.php.

Vulnerable Product Search on Vulmon Subscribe to Product

jax scripts jax petition book 1.0.3.06

Exploits

Exploit DB: Jax Petition 3.06 Book - 'smileys.php?languagepack' Local File Inclusion
source: wwwsecurityfocuscom/bid/22072/info Jax Petitionbook is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input An attacker can exploit these vulnerabilities using directory-traversal strings to have local script code execute in the context of the application This may allo ...
Exploit DB: Jax Petition Book 3.06 - 'jax_petitionbook.php?languagepack' Local File Inclusion
source: wwwsecurityfocuscom/bid/22072/info Jax Petitionbook is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input An attacker can exploit these vulnerabilities using directory-traversal strings to have local script code execute in the context of the application This may allow ...

References

NVD-CWE-Otherhttp://www.securityfocus.com/bid/22072http://secunia.com/advisories/23784http://securityreason.com/securityalert/2161http://osvdb.org/32836http://osvdb.org/32835http://www.vupen.com/english/advisories/2007/0220https://exchange.xforce.ibmcloud.com/vulnerabilities/31543http://www.securityfocus.com/archive/1/457077/100/0/threadedhttp://www.securityfocus.com/archive/1/456989/100/0/threadedhttp://www.securityfocus.com/archive/1/456981/100/0/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/29469/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionfirmwareCVE-2006-4304CVE-2024-32878CVE-2024-31502XSSCVE-2024-3059CVE-2024-33692CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook