Unrated severityNVD Advisory· Published Apr 9, 2007· Updated Jun 16, 2026
CVE-2007-1896
CVE-2007-1896
Description
Directory traversal vulnerability in chat.php in Sky GUNNING MySpeach 3.0.7 and earlier allows remote attackers to include arbitrary local files via a .. (dot dot) and trailing %00 (NULL) in a my_ms[root] cookie.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:a:sky_gunning:myspeach:2.1_beta:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:sky_gunning:myspeach:2.1_beta:*:*:*:*:*:*:*
- cpe:2.3:a:sky_gunning:myspeach:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:sky_gunning:myspeach:3.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:sky_gunning:myspeach:3.0.7:*:*:*:*:*:*:*
- (no CPE)range: <=3.0.7
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.