Lucene search

K

Downloadengine Security Vulnerabilities

cve
cve

CVE-2006-5459

Multiple PHP remote file inclusion vulnerabilities in Download-Engine 1.4.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) $_ENGINE[eng_dir] and possibly (2) spaw_root parameters in admin/includes/spaw/spaw_script.js.php, and the (3) $_ENGINE[eng_dir], (4)...

7.5AI Score

0.333EPSS

2006-10-23 05:07 PM
19
cve
cve

CVE-2006-5291

PHP remote file inclusion vulnerability in admin/includes/spaw/spaw_control.class.php in Download-Engine 1.4.2 allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: CVE analysis suggests that this issue is actually in a third party product, SPAW Editor...

7.1AI Score

0.333EPSS

2006-10-16 06:07 PM
26