2 matches found
getID3 < 1.7.8-b1 Multiple Remote Vulnerabilities
getID3, a web-based tool for extracting information from MP3 files, is installed on the remote web server. The installation of getID3 includes a set of demo scripts that allow an unauthenticated, remote attacker to read and delete arbitrary files, write files with some restrictions, and execute...
CVE-2007-1035
The CVE-2007-1035 issue affects getID3 (1.7.1) as used with Drupal Mediafield/Audio modules. The remote vulnerabilities reside in the package’s demo scripts, enabling an unauthenticated attacker to read/delete arbitrary files, list directories, write files (including .mp3) and potentially execute...