VYPR
← All advisories
Unrated severityNVD Advisory· Published Apr 10, 2007· Updated Apr 23, 2026

CVE-2007-1930

CVE-2007-1930

Description

Directory traversal vulnerability in download2.php in cattaDoc 2.21, and possibly other versions including 3.0, allows remote attackers to read arbitrary files via a .. (dot dot) in the fn1 parameter.

Affected products

2
  • Cattadoc/Cattadoc2 versions
    cpe:2.3:a:cattadoc:cattadoc:2.21:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:cattadoc:cattadoc:2.21:*:*:*:*:*:*:*
    • cpe:2.3:a:cattadoc:cattadoc:3.0:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

6

News mentions

0

No linked articles in our index yet.