{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-09T06:46:31.906","vulnerabilities":[{"cve":{"id":"CVE-2007-0337","sourceIdentifier":"cve@mitre.org","published":"2007-01-18T02:28:00.000","lastModified":"2026-04-23T00:35:47.467","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Directory traversal vulnerability in sesskglogadmin.php in KGB 1.9 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skinnn parameter, as demonstrated by invoking kg.php with a postek parameter containing PHP code, which is injected into a file in the kg directory, and then included by sesskglogadmin.php."},{"lang":"es","value":"Vulnerabilidad de salto de directorio en sesskglogadmin.php en KGB 1.9 y anteriores permite a un atacante remoto incluir y ejecutar ficheros locales de su elección a través de la secuencia ..(punto punto) en el parámetro skinn, como se demostró invocando kg.php con un parámetro postek que contenga código PHP, el cual es inyectado dentro de un archivo en el directorio kg, y entonces incluye el sesskglogadmin.php."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":true,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:kgb:kgb:*:*:*:*:*:*:*:*","versionEndIncluding":"1.9","matchCriteriaId":"4DEE53CF-804F-4690-B54E-2317FE6A68DB"}]}]}],"references":[{"url":"http://osvdb.org/31585","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/23768","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/22065","source":"cve@mitre.org"},{"url":"http://www.vupen.com/english/advisories/2007/0228","source":"cve@mitre.org"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/31508","source":"cve@mitre.org"},{"url":"https://www.exploit-db.com/exploits/3134","source":"cve@mitre.org"},{"url":"http://osvdb.org/31585","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/23768","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/22065","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.vupen.com/english/advisories/2007/0228","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/31508","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.exploit-db.com/exploits/3134","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}