Unrated severityNVD Advisory· Published May 17, 2007· Updated Apr 23, 2026
CVE-2007-2747
CVE-2007-2747
Description
Directory traversal vulnerability in rdw_helpers.py in rdiffWeb before 0.3.5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the path parameter to the /browse URI.
Affected products
6cpe:2.3:a:rdiffweb:rdiffweb:*:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:rdiffweb:rdiffweb:*:*:*:*:*:*:*:*range: <=0.3.5
- cpe:2.3:a:rdiffweb:rdiffweb:0.1:*:*:*:*:*:*:*
- cpe:2.3:a:rdiffweb:rdiffweb:0.2:*:*:*:*:*:*:*
- cpe:2.3:a:rdiffweb:rdiffweb:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:rdiffweb:rdiffweb:0.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:rdiffweb:rdiffweb:0.3.2:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- www.rdiffweb.org/wiki/index.phpnvdPatch
- lists.berlios.de/pipermail/rdiffweb-discuss/2007-March/000100.htmlnvdVendor Advisory
- osvdb.org/36519nvd
- secunia.com/advisories/25368nvd
- www.securityfocus.com/bid/24092nvd
- www.vupen.com/english/advisories/2007/1775nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/33734nvd
News mentions
0No linked articles in our index yet.