CVE-2007-6554

Severity CVSS v4.0:
Pending analysis
Type:
CWE-22 Path Traversal
Publication date:
28/12/2007
Last modified:
09/04/2025

Description

Multiple directory traversal vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter to (1) index.php, (2) register.php, (3) login.php, or (4) statistics.php.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:george_lewe:teamcal_pro:*:*:*:*:*:*:*:* 3.1 (including)