4 matches found
Gravity GTD rpc.php Malformed objectname Parameter (CVE-2008-5962; CVE-2008-5963)
Gravity GTD is an open source list manager for tracking action items according to the principles of Getting Things Done GTD. There exist multiple vulnerabilities in Gravity GTD. One attack vector could allow remote attackers to conduct directory traversal attacks and possibly read or write...
CVE-2008-5962
Directory traversal vulnerability in library/setup/rpc.php in Gravity Getting Things Done GTD 0.4.5 and earlier allows remote attackers to include and execute arbitrary local files via a .. dot dot in the objectname parameter...
CVE-2008-5962
CVE-2008-5962 affects Gravity Getting Things Done (GTD) up to version 0.4.5. The vulnerability is in library/setup/rpc.php, where the objectname parameter can be crafted to trigger a directory traversal, allowing remote attackers to include and execute arbitrary local files. This is a classic loc...
CVE-2008-5962
Directory traversal vulnerability in library/setup/rpc.php in Gravity Getting Things Done GTD 0.4.5 and earlier allows remote attackers to include and execute arbitrary local files via a .. dot dot in the objectname parameter...