How severe is CVE-2007-6233?

The severity of CVE-2007-6233 has not been assessed with CVSS v3.

CVE-2007-6233

Name: ftp_admin
Author: ftp_admin

NONE

Directory traversal vulnerability in index.php in FTP Admin 0.1.0 allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: in som

Published: 12/4/2007Updated: 4/9/2025

Description

Directory traversal vulnerability in index.php in FTP Admin 0.1.0 allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.

AI AnalysisPowered by AI

Affected Products

ftp_adminftp_admin

0.1.0

Available Exploits (1)

EDB-4681

webappsphpVERIFIED

ftp Admin 0.1.0 - Local File Inclusion / Cross-Site Scripting / Authentication Bypass

CVE-2007-6234CVE-2007-6233CVE-2007-6232

Omni11/29/2007

References

http://secunia.com/advisories/27875
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/38779
https://www.exploit-db.com/exploits/4681
http://secunia.com/advisories/27875
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/38779
https://www.exploit-db.com/exploits/4681