Description
Directory traversal vulnerability in template.php in in phpFaber TopSites 3 allows remote attackers to read arbitrary files via a .. (dot dot) in the modify parameter in a template action to admin/index.php.
Exploits (1)
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/33581
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/465339/100/100/threaded
Various Sources x_refsource_misc
http://www.phpfaber.com/m/News/phpfaber_topsites_v_3_3-58.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/23419
Third Party Advisory mailing-list
x_refsource_vim
http://www.attrition.org/pipermail/vim/2007-April/001538.html
Scores
EPSS
0.0425
EPSS Percentile
88.9%
Details
Status
published
Products (1)
phpfaber/topsites
< 3
Published
Apr 19, 2007
Tracked Since
Feb 18, 2026