CVE-2007-1040
Xpression News 1.0.1 - Path Traversal
Title source: llmDescription
Directory traversal vulnerability in archives.php in Xpression News (X-News) 1.0.1 allows remote attackers to include arbitrary files or obtain sensitive information via a .. (dot dot) in the xnews-template parameter.
Exploits (1)
References (6)
Scores
EPSS
0.1241
EPSS Percentile
93.9%
Details
Status
published
Products (1)
xpression_news/xpression_news
1.0.1
Published
Feb 21, 2007
Tracked Since
Feb 18, 2026