CVE-2007-5491

Properties

Published:
16.10.2007
Updated:
31.10.2007
Patch available:
Severity:
High
CVSS vector:
(AV:N/AC:L/Au:S/C:C/I:C/A:C)
Product:
SiteBar: SiteBar

Vulnerability description

Directory traversal vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to chmod arbitrary files to 0777 via".."sequences in the lang parameter.

References:

https://bugs.gentoo.org/show_bug.cgi?id=195810:https://bugs.gentoo.org/show_bug.cgi?id=195810