2 matches found
YXcms has a directory traversal vulnerability
YXcms is a PHP and MySQL based enterprise building content management system CMS. A directory traversal vulnerability exists in YXcms. An exploiter can use this vulnerability to traverse files on the server to obtain sensitive information...
mysql: multiple insufficient table name checks
Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. dot dot in a table name...