CVE-2007-1138

Publication date

2007-02-27 18:00:00

Family

mitre

State

PUBLISHED

Description

Absolute path traversal vulnerability in list_main_pages.php in Cromosoft Simple Plantilla PHP (SPP) allows remote attackers to list arbitrary directories, and read arbitrary files, via an absolute pathname in the nfolder parameter.