CVE-2007-6567
XZero Community Classifieds <4.95.11 - Path Traversal
Title source: llmDescription
Directory traversal vulnerability in index.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pagename parameter in a page view action.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Kw3[R]Ln · perlwebappsphp
https://www.exploit-db.com/exploits/4794
References (6)
Scores
EPSS
0.0673
EPSS Percentile
91.3%
Details
CWE
CWE-22
Status
published
Products (1)
xzero_scripts/xzero_community_classifieds
< 4.95.11
Published
Dec 28, 2007
Tracked Since
Feb 18, 2026