Back to search
CVE-2007-4723
Published: Sep 5, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Directory traversal vulnerability in Ragnarok Online Control Panel 4.3.4a, when the Apache HTTP Server is used, allows remote attackers to bypass authentication via directory traversal sequences in a URI that ends with the name of a publicly available page, as demonstrated by a "/...../" sequence and an account_manage.php/login.php final component for reaching the protected account_manage.php page.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
3100
third-party-advisory
x_refsource_SREASON
20070831 Ragnarok Online Control Panel Authentication Bypass Vulnerability [new method]
mailing-list
x_refsource_BUGTRAQ
45879
vdb-entry
x_refsource_OSVDB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now