CVE-2007-5055

Publication date

2007-09-24 22:00:00

Family

mitre

State

PUBLISHED

Description

Multiple directory traversal vulnerabilities in iziContents 1 RC6 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the admin_home parameter to modules/poll/poll_summary.php or (2) the rootdp parameter to include/db.php.