Unrated severityNVD Advisory· Published Dec 20, 2007· Updated Jun 16, 2026
CVE-2007-6471
CVE-2007-6471
Description
Incomplete blacklist vulnerability in main.php in phPay 2.02.01 on Windows allows remote attackers to conduct directory traversal attacks and include and execute arbitrary local files via a ..\ (dot dot backslash) in the config parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.