CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-6214

Directory traversal vulnerability in include/file_download.php in LearnLoop 2.0 beta7 allows remote attackers to read arbitrary files via a .. (dot dot) in the sFilePath parameter. NOTE: exploitation requires that the product is configured, but has zero files in the database.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.021

EPSS Ranking 83.2%

CVSS Severity

CVSS v2 Score 4.3

References

http://www.securityfocus.com/bid/26651
https://exchange.xforce.ibmcloud.com/vulnerabilities/38776
https://www.exploit-db.com/exploits/4680
http://www.securityfocus.com/bid/26651
https://exchange.xforce.ibmcloud.com/vulnerabilities/38776
https://www.exploit-db.com/exploits/4680

Products affected by CVE-2007-6214

Learnloop » Learnloop » Version: 2.0_beta7

cpe:2.3:a:learnloop:learnloop:2.0_beta7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-6214

Products

Pricing

Contact Us