2 matches found
[SECURITY] [DSA 2146-1] Security update for mydms
------------------------------------------------------------------------- Debian Security Advisory DSA-2146-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 16, 2011 http://www.debian.org/security/faq -...
CVE-2010-2006
CVE-2010-2006 affects LetoDMS (formerly MyDMS) 1.7.2 and earlier, via a directory traversal in op/op.Login.php that allows remote authenticated users to include and execute arbitrary local files through a .. in the lang parameter. The vulnerability is documented in Debian DSA-2146-1 for the mydms...