How severe is CVE-2007-6233?

The severity of CVE-2007-6233 has not been assessed with CVSS v3.

CVE-2007-6233

Name: ftp_admin
Author: ftp_admin

NONE

Directory traversal vulnerability in index.php in FTP Admin 0.1.0 allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: in som

发布于: 12/4/2007更新于: 4/9/2025

描述

Directory traversal vulnerability in index.php in FTP Admin 0.1.0 allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.

AI分析AI驱动

受影响产品

ftp_adminftp_admin

0.1.0

可用漏洞利用 (1)

EDB-4681

webappsphpVERIFIED

ftp Admin 0.1.0 - Local File Inclusion / Cross-Site Scripting / Authentication Bypass

CVE-2007-6234CVE-2007-6233CVE-2007-6232

Omni11/29/2007

参考资料

http://secunia.com/advisories/27875
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/38779
https://www.exploit-db.com/exploits/4681
http://secunia.com/advisories/27875
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/38779
https://www.exploit-db.com/exploits/4681