CVE Vulnerabilities

CVE-2007-2503

Published: May 04, 2007 | Modified: May 17, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Directory traversal vulnerability in turbulence.php in PHP Turbulence 0.0.1 alpha allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the GLOBALS[tcore] parameter. NOTE: this vulnerability is disputed by CVE and a reliable third party because a direct request to user/turbulence.php triggers a fatal error before inclusion

Affected Software

Name Vendor Start Version End Version
Php_turbulence Php_turbulence 0.0.1_alpha (including) 0.0.1_alpha (including)

References