CVE-2006-5786

E107 - Path Traversal

Title source: rule

Description

Directory traversal vulnerability in class2.php in e107 0.7.5 and earlier allows remote attackers to read and execute PHP code in arbitrary files via ".." sequences in the e107language_e107cookie cookie to gsitemap.php.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Kacper · phpwebappsphp

https://www.exploit-db.com/exploits/2711

View Code ZIP pw:eip

References (3)

[Exploit] http://www.securityfocus.com/bid/20913

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/30030

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/2711

Scores

EPSS 0.0629

EPSS Percentile 91.0%

Details

Status published

Products (1)

e107/e107 0.7.5

Published Nov 07, 2006

Tracked Since Feb 18, 2026