CVE-2007-5739
Korean GHBoard - Path Traversal via FlashUpload Download Name Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2007-5739. PoCs published by Xcross87.
AI-analyzed exploit summary This exploit demonstrates arbitrary file download and potential code execution in GHBoard via directory traversal in the 'download.jsp' endpoint. It allows attackers to access sensitive files like 'config.js' and potentially other files on the server.
Description
Directory traversal vulnerability in component/flashupload/download.jsp in the FlashUpload component in Korean GHBoard allows remote attackers to read arbitrary files via a .. (dot dot) in the name parameter.
Exploits (1)
This exploit demonstrates arbitrary file download and potential code execution in GHBoard via directory traversal in the 'download.jsp' endpoint. It allows attackers to access sensitive files like 'config.js' and potentially other files on the server.