Unrated severityNVD Advisory· Published Sep 5, 2007· Updated Jun 16, 2026
CVE-2007-4723
CVE-2007-4723
Description
Directory traversal vulnerability in Ragnarok Online Control Panel 4.3.4a, when the Apache HTTP Server is used, allows remote attackers to bypass authentication via directory traversal sequences in a URI that ends with the name of a publicly available page, as demonstrated by a "/...../" sequence and an account_manage.php/login.php final component for reaching the protected account_manage.php page.
Affected products
2cpe:2.3:a:ragnarok_online_control_panel_project:ragnarok_online_control_panel:4.3.4a:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ragnarok_online_control_panel_project:ragnarok_online_control_panel:4.3.4a:*:*:*:*:*:*:*
- (no CPE)range: =4.3.4a
Patches
Vulnerability mechanics
References
3- securityreason.com/securityalert/3100nvdThird Party Advisory
- www.securityfocus.com/archive/1/478263/100/0/threadednvdThird Party AdvisoryVDB Entry
- osvdb.org/45879nvdBroken Link
News mentions
0No linked articles in our index yet.