CVE-2007-0893
phpMyVisites < 2.2 - Path Traversal via pmv_ck_view Cookie Parameter
Title source: llmDescription
Directory traversal vulnerability in phpMyVisites before 2.2 allows remote attackers to include arbitrary files via leading ".." sequences on the pmv_ck_view COOKIE parameter, which bypasses the protection scheme.
References (5)
Core 5
Core References
Third Party Advisory mailing-list
x_refsource_fulldisc
http://marc.info/?l=full-disclosure&m=117121596803908&w=2
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/32433
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/459792/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/22516
Broken Link vdb-entry
x_refsource_osvdb
http://osvdb.org/33178
Scores
EPSS
0.0266
EPSS Percentile
83.9%
Details
CWE
CWE-22
Status
published
Products (9)
matthieu_aubry/phpmyvisites
0.1_beta
matthieu_aubry/phpmyvisites
1.0
matthieu_aubry/phpmyvisites
1.1
matthieu_aubry/phpmyvisites
1.2
matthieu_aubry/phpmyvisites
1.2.1
matthieu_aubry/phpmyvisites
1.2.2
matthieu_aubry/phpmyvisites
1.2_beta
matthieu_aubry/phpmyvisites
1.3
matthieu_aubry/phpmyvisites
< 2.1
Published
Feb 12, 2007
Tracked Since
Feb 18, 2026