Published: 17/10/2007 Updated: 15/10/2018

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

VMScore: 409

Vector: AV:N/AC:H/Au:S/C:P/I:P/A:P

Static code injection vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to execute arbitrary PHP code via the value parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sitebar sitebar 3.3.8

Several remote vulnerabilities have been discovered in sitebar, a web based bookmark manager written in PHP The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-5491 A directory traversal vulnerability in the translation module allows remote authenticated users to chmod arbitrary files to 0777 via ...

CWE-94 https://bugs.gentoo.org/attachment.cgi?id=133465&action=view https://bugs.gentoo.org/show_bug.cgi?id=195810 http://teamforge.net/viewcvs/viewcvs.cgi/tags/release-3.3.9/doc/history.txt?view=markup http://www.debian.org/security/2007/dsa-1423 http://www.gentoo.org/security/en/glsa/glsa-200711-05.xml http://www.securityfocus.com/bid/26126 http://secunia.com/advisories/27503 http://secunia.com/advisories/28008 http://osvdb.org/43760 http://www.vupen.com/english/advisories/2007/3768 http://www.securityfocus.com/archive/1/482499/100/0/threaded https://nvd.nist.gov https://www.debian.org/security/./dsa-1423

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-5492

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect