CVE-2007-6567

Publication date

2007-12-28 21:00:00

Family

mitre

State

PUBLISHED

Description

Directory traversal vulnerability in index.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pagename parameter in a page view action.