9 matches found
CVE-2024-0304
A vulnerability has been found in Youke365 up to 1.5.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /app/api/controller/collect.php. The manipulation of the argument url leads to server-side request forgery. The attack can be launched remotely...
CVE-2024-0304 Youke365 collect.php server-side request forgery
A vulnerability has been found in Youke365 up to 1.5.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /app/api/controller/collect.php. The manipulation of the argument url leads to server-side request forgery. The attack can be launched remotely...
CVE-2008-4151
Directory traversal vulnerability in collect.php in CYASK 3.x allows remote attackers to read arbitrary files via a .. dot dot in the neturl parameter...
Directory traversal
Directory traversal vulnerability in collect.php in CYASK 3.x allows remote attackers to read arbitrary files via a .. dot dot in the neturl parameter...
cyask 3.x Local File Inclusion Vulnerability
This vulnerability leads to that the attacker can read any file on your webserver when it installs cyask. The $neturl variable in collect.php is short of enough check. When the attacker registers a new user, he can pass the user check and then submit any filename to $neturl so that collect.php ca...
CYASK 3.x - 'neturl' Local File Disclosure
This vulnerability leads to that the attacker can read any file on your webserver when it installs cyask. The $neturl variable in collect.php is short of enough check. When the attacker registers a new user, he can pass the user check and then submit any filename to $neturl so that collect.php ca...
CYASK 3.x (collect.php neturl) Local File Disclosure Vulnerability
No description provided by source. This vulnerability leads to that the attacker can read any file on your webserver when it installs cyask. The $neturl variable in collect.php is short of enough check. When the attacker registers a new user, he can pass the user check and then submit any filenam...
CYASK 3.x (collect.php neturl) Local File Disclosure Vulnerability
Exploit for unknown platform in category web applications ================================================================== CYASK 3.x collect.php neturl Local File Disclosure Vulnerability ================================================================== This vulnerability leads to that the...
CYASK 3.x - neturl Local File Disclosure
CYASK 3.x - neturl Local File Disclosure This vulnerability leads to that the attacker can read any file on your webserver when it installs cyask. The $neturl variable in collect.php is short of enough check. When the attacker registers a new user, he can pass the user check and then submit any...