CVE-2007-1906

Loading...

General

Score:6.8/10.0
Severity:Medium
Category:N/A
Exploit:Available

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Medium
Authentication:None

Published on 11/04/07 - Updated on 16/10/18

Description

Directory traversal vulnerability in richedit/keyboard.php in eCardMAX HotEditor (Hot Editor) 4.0, and the HotEditor plugin for MyBB, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the first parameter.

Category:

There is insufficient information about the issue to classify it; details are unknown or unspecified.

Security Notices

US National Vulnerability DatabaseCVE-2007-1906

Exploits

Exploit-DBEDB-29827
SecurityFocusBID-23377

Relative technologies

VendorProduct
ecardmax.comhot_editor
mybbmybb_hot_editor_plugin

Share this vulnerability with:

Twitter Facebook LinkedIn Mail