CVE-2007-3251
E-vision Cms < 2.02 - Path Traversal
Title source: ruleDescription
Multiple directory traversal vulnerabilities in e-Vision CMS 2.02 and earlier allow remote attackers to (1) include and execute arbitrary local files via a .. (dot dot) in the adminlang cookie to admin/functions.php or (2) read arbitrary local files via the img parameter to admin/show_img.php.
Exploits (1)
References (8)
Scores
EPSS
0.1615
EPSS Percentile
94.8%
Details
Status
published
Products (1)
e-vision/e-vision_cms
< 2.02
Published
Jun 18, 2007
Tracked Since
Feb 18, 2026