← back
CVE-2007-1455

CVE-2007-1455

EPSS 6.6%
Multiple absolute path traversal vulnerabilities in Fantastico, as used with cPanel 10.x, allow remote authenticated users to include and execute arbitrary local files via (1) the userlanguage parameter to includes/load_language.php or (2) the fantasticopath parameter to includes/mysqlconfig.php and certain other files.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/3459unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://osvdb.org/35036http://osvdb.org/35037http://securityreason.com/securityalert/2420http://www.securityfocus.com/archive/1/462562/100/0/threaded