Unrated severityNVD Advisory· Published May 1, 2007· Updated Apr 23, 2026

CVE-2007-2412

Description

Directory traversal vulnerability in modules/file.php in Seir Anphin allows remote attackers to obtain sensitive information via a .. (dot dot) in the a[filepath] parameter. NOTE: a third party has disputed this issue because the a array is populated by a database query before use

Affected products

Seir Anphin/Seir Anphin
cpe:2.3:a:seir_anphin:seir_anphin:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

securityreason.com/securityalert/2651nvd
www.attrition.org/pipermail/vim/2007-April/001567.htmlnvd
www.securityfocus.com/archive/1/467103/100/0/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/33962nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000