2 matches found
Gravity GTD rpc.php Malformed objectname Parameter (CVE-2008-5962; CVE-2008-5963)
Gravity GTD is an open source list manager for tracking action items according to the principles of Getting Things Done GTD. There exist multiple vulnerabilities in Gravity GTD. One attack vector could allow remote attackers to conduct directory traversal attacks and possibly read or write...
CVE-2008-5963
Gravity GTD (Getting Things Done) up to version 0.4.5 is affected by an eval-injection vulnerability in library/setup/rpc.php that allows remote attackers to execute arbitrary PHP code via the objectname parameter. This CVE (CVE-2008-5963) is rated high by NVD (base score 10.0) with network attac...