Unrated severityNVD Advisory· Published Apr 2, 2007· Updated Jun 16, 2026
CVE-2007-1801
CVE-2007-1801
Description
Directory traversal vulnerability in inc/lang.php in sBLOG 0.7.3 Beta allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the conf_lang_default parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by inc/lang.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
4- www.securityfocus.com/bid/23206nvdExploitVendor Advisory
- osvdb.org/35458nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/33326nvd
- www.exploit-db.com/exploits/3601nvd
News mentions
0No linked articles in our index yet.