Lucene search
K

5 matches found

NVD
NVD
added 2017/08/25 6:29 p.m.21 views

CVE-2014-7860

The web/webfile/fbpublish.php script in D-Link DNS-320L before 1.04b12 and DNS-327L before 1.03b04 Build0119 does not authenticate requests, which allows remote attackers to obtain arbitrary photos and publish them to an arbitrary Facebook profile via a target albumid and accesstoken...

5.3CVSS5.3AI score0.0958EPSS
Exploits0References5
CVE
CVE
added 2017/08/25 6:0 p.m.47 views

CVE-2014-7860

The CVE-2014-7860 issue affects D-Link DNS-320L (pre-1.04b12) and DNS-327L (pre-1.03b04 Build0119). The web/web_file/fb_publish.php script fails to authenticate requests, enabling remote attackers to obtain arbitrary photos and publish them to a Facebook profile using a target album_id and access...

5.3CVSS5.3AI score0.0958EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2007/07/30 8:17 p.m.14 views

Directory traversal

Directory traversal vulnerability in index.php in iFoto 1.0.1 and earlier allows remote attackers to list arbitrary directories, and possibly download arbitrary photos, via a .. dot dot in the dir parameter...

5CVSS7.4AI score0.02692EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2007/07/30 8:0 p.m.19 views

CVE-2007-4092

Directory traversal vulnerability in index.php in iFoto 1.0.1 and earlier allows remote attackers to list arbitrary directories, and possibly download arbitrary photos, via a .. dot dot in the dir parameter...

6.8AI score0.02692EPSS
Exploits1References5
0day.today
0day.today
added 2006/12/30 12:0 a.m.75 views

IMGallery <= 2.5 Create Uploader Script Exploit

Exploit for unknown platform in category web applications =============================================== IMGallery DEVIL TEAM IRC:...

7.1AI score
Exploits0
Rows per page
Query Builder