Vulnerability Details CVE-2007-4820
Absolute path traversal vulnerability in blanko.preview.php in Sisfo Kampus 2006 allows remote attackers to read arbitrary local files, and possibly execute local PHP scripts, via the nmf parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.021
EPSS Ranking 83.3%
CVSS Severity
CVSS v2 Score 7.5
References
- http://osvdb.org/39017
- http://www.securityfocus.com/bid/25605
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36533
- https://www.exploit-db.com/exploits/4380
- http://osvdb.org/39017
- http://www.securityfocus.com/bid/25605
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36533
- https://www.exploit-db.com/exploits/4380
Products affected by CVE-2007-4820
-
cpe:2.3:a:sisfo_kampus:sisfo_kampus:2006