Home > Vulnerability Database > CVE-2007-5491

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2007-5491

Date: October 17, 2007

Directory traversal vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to chmod arbitrary files to 0777 via ".." sequences in the lang parameter.

Severity Score

8.8

Related Resources (11)

Url: http://teamforge.net/viewcvs/viewcvs.cgi/tags/release-3.3.9/doc/history.txt?view=markup

Url: http://www.vupen.com/english/advisories/2007/3768

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2007-5491

Url: http://www.securityfocus.com/bid/26126

Url: http://www.gentoo.org/security/en/glsa/glsa-200711-05.xml

Url: http://www.debian.org/security/2007/dsa-1423

Url: http://secunia.com/advisories/28008

Url: http://secunia.com/advisories/27503

Url: https://nvd.nist.gov/vuln/detail/CVE-2007-5491

Url: https://bugs.gentoo.org/show_bug.cgi?id=195810

Url: https://www.mend.io/vulnerability-database/CVE-2007-5491

Severity Score

8.8

Weakness Type (CWE)

Path Traversal

CWE-22

CVSS v3.1

Base Score:	8.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	9.0
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	SINGLE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Do you need more information?

Contact Us