CVE-2007-2503 in PHP Turbulenceinfo

Summary

** DISPUTED ** Directory traversal vulnerability in turbulence.php in PHP Turbulence 0.0.1 alpha allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the GLOBALS[tcore] parameter. NOTE: this vulnerability is disputed by CVE and a reliable third party because a direct request to user/turbulence.php triggers a fatal error before inclusion.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

05/03/2007

Disclosure

05/03/2007

Entries

1: VDB-36607

CPE

ready

Exploit

Download

CVSS

9.8

EPSS

0.06117

Activities

Very Low

Sources

MITREhttps://www.cve.org/CVERecord?id=CVE-2007-2503
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2007-2503
CVE Detailshttps://www.cvedetails.com/cve/CVE-2007-2503/

PreviousOverviewNext

Do you need the next level of professionalism?

Upgrade your account now!