Aggregates CVE and security vulnerability intelligence across all ghlab-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk input validation and vendor risk path handling, with potential vendor impact unexpected behavior and vendor impact file overwrite across vendor surface production workloads use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2007-5739 | Directory traversal vulnerability in component/flashupload/download.jsp in the FlashUpload component in Korean GHBoard allows remote attackers to read arbitrary files via a .. (dot dot) in the name parameter. | [email protected] | 5.0 | 3.67% | 2007-10-30 | 2026-04-23 |
| CVE-2007-5738 | The FlashUpload component in Korean GHBoard uses a client-side protection mechanism to prevent uploading of dangerous file extensions, which allows remote attackers to bypass restrictions and upload arbitrary files via a modified copy of component/flashupload/upload.html. | [email protected] | 6.8 | 0.29% | 2007-10-30 | 2026-04-23 |
| CVE-2007-5737 | Unrestricted file upload vulnerability in component/upload.jsp in Korean GHBoard allows remote attackers to upload arbitrary files via unspecified vectors, probably involving a direct request. | [email protected] | 7.5 | 4.33% | 2007-10-30 | 2026-04-23 |