Moole Vulnerability Database

Find real vulnerabilities before they ship

Unknown

CVE-2007-5491

Directory traversal vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to chmod arbitrary files to 0777 via ".." sequences in the lang parameter.

PublishedOct 17, 2007, 19:17

Published Bycve@mitre.org

Affected Versions

No affected versions found.

References

http://secunia.com/advisories/27503
http://secunia.com/advisories/28008
http://teamforge.net/viewcvs/viewcvs.cgi/tags/release-3.3.9/doc/history.txt?view=markup
http://www.debian.org/security/2007/dsa-1423
http://www.gentoo.org/security/en/glsa/glsa-200711-05.xml
http://www.securityfocus.com/bid/26126
http://www.vupen.com/english/advisories/2007/3768
https://bugs.gentoo.org/show_bug.cgi?id=195810

Weakness Type

CWE-22

CVSS Metrics

Base Score

Vector String

AV:N/AC:L/Au:S/C:C/I:C/A:C

Base SeverityUnknown

Version

2.0

Attack Vector (AV)