CyberSecurityBoard
Sponsor Register Login

CVE-2007-1144

Directory traversal vulnerability in jwpn-photos.php in J-Web Pics Navigator 2.0 allows remote attackers to list arbitrary directories via a .. (dot dot) in the dir parameter. J-Web Pics Navigator is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve and edit the contents of arbitrary files from the vulnerable system in the context of the affected application. J-Web Pics Navigator 2.0 is vulnerable to this issue; other versions may also be affected. http://www.securityfocus.com/bid/22681

Publication date: Sat, 03 Mar 2007 03:18:00 +0000


Cyber News related to CVE-2007-1144

CVE-2015-2503 - Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 ...
6 years ago
CVE-2007-1144 - Directory traversal vulnerability in jwpn-photos.php in J-Web Pics Navigator 2.0 allows remote attackers to list arbitrary directories via a .. (dot dot) in the dir parameter. J-Web Pics Navigator is prone to a directory-traversal vulnerability ...
6 years ago
CVE-2020-1131 - An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from ...
3 years ago
CVE-2020-1134 - An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from ...
3 years ago
CVE-2020-1124 - An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from ...
3 years ago
CVE-2020-1144 - An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from ...
3 years ago
CVE-2020-1189 - An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from ...
3 years ago
CVE-2020-1188 - An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from ...
3 years ago
CVE-2020-1185 - An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from ...
3 years ago
CVE-2020-1186 - An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from ...
3 years ago
CVE-2020-1184 - An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from ...
3 years ago
CVE-2020-1191 - An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from ...
3 years ago
CVE-2020-1187 - An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from ...
3 years ago
CVE-2020-1190 - An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from ...
3 years ago
CVE-2019-1150 - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, ...
4 years ago
CVE-2019-1144 - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1145, ...
4 years ago
CVE-2010-1144 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-0751, CVE-2010-1277. Reason: this candidate was intended for one issue, but it was accidentally assigned to two different issues, one for libnids and another for Zabbix. Notes: ...
54 years ago Tenable.com
CVE-2008-4441 - The Marvell driver for the Linksys WAP4400N Wi-Fi access point with firmware 1.2.14 on the Marvell 88W8361P-BEM1 chipset, when WEP mode is enabled, does not properly parse malformed 802.11 frames, which allows remote attackers to cause a denial of ...
6 years ago
CVE-2011-1144 - The installer in PEAR 1.9.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories. NOTE: this ...
4 years ago
CVE-2005-1144 - popup.php in EasyPHPCalendar before 6.2.8 allows remote attackers to obtain sensitive information via an invalid ev parameter, which reveals the full pathname of the web server in a PHP error message. Version 6.2.8 and above are fixed. ...
16 years ago
CVE-2013-1144 - Memory leak in the IKEv1 implementation in Cisco IOS 15.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified (1) IPv4 or (2) IPv6 IKE packets, aka Bug ID CSCth81055. ...
11 years ago
CVE-2001-1144 - Directory traversal vulnerability in McAfee ASaP VirusScan agent 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request. ...
11 years ago
CVE-2015-1144 - Buffer overflow in the UniformTypeIdentifiers component in Apple OS X before 10.10.3 allows local users to gain privileges via a crafted Uniform Type Identifier. ...
9 years ago
CVE-2003-1144 - Buffer overflow in the log viewing interface in Perception LiteServe 1.25 through 2.2 allows remote attackers to execute arbitrary code via a GET request with a long file name. ...
7 years ago
CVE-2017-1144 - IBM WebSphere Message Broker could allow a local user with specialized access to prevent the message broker from starting. IBM X-Force ID: 122033. ...
7 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)