Vulnerability Details CVE-2007-5491
Directory traversal vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to chmod arbitrary files to 0777 via ".." sequences in the lang parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 76.8%
CVSS Severity
CVSS v2 Score 9.0
References
- http://secunia.com/advisories/27503
- http://secunia.com/advisories/28008
- http://teamforge.net/viewcvs/viewcvs.cgi/tags/release-3.3.9/doc/history.txt?view=markup
- http://www.debian.org/security/2007/dsa-1423
- http://www.gentoo.org/security/en/glsa/glsa-200711-05.xml
- http://www.securityfocus.com/bid/26126
- http://www.vupen.com/english/advisories/2007/3768
- https://bugs.gentoo.org/show_bug.cgi?id=195810
- http://secunia.com/advisories/27503
- http://secunia.com/advisories/28008
- http://teamforge.net/viewcvs/viewcvs.cgi/tags/release-3.3.9/doc/history.txt?view=markup
- http://www.debian.org/security/2007/dsa-1423
- http://www.gentoo.org/security/en/glsa/glsa-200711-05.xml
- http://www.securityfocus.com/bid/26126
- http://www.vupen.com/english/advisories/2007/3768
- https://bugs.gentoo.org/show_bug.cgi?id=195810