CVE-2007-5454
PHP File Sharing System 1.5.1 - Path Traversal via Cam Parameter
Title source: llmDescription
Directory traversal vulnerability in index.php in PHP File Sharing System 1.5.1 allows remote attackers to list or create arbitrary directories, or delete arbitrary files, as demonstrated by listing directories via a .. (dot dot) in the cam parameter.
References (4)
Core 4
Core References
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/27257
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/37193
Exploit mailing-list
x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2007-10/0343.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/26065
Scores
EPSS
0.0155
EPSS Percentile
72.1%
Details
CWE
CWE-22
Status
published
Products (1)
php_file_sharing_system/php_file_sharing_system
1.5.1
Published
Oct 14, 2007
Tracked Since
Feb 18, 2026