3 matches found
CVE-2010-4858
Directory traversal vulnerability in team.rc5-72.php in DNET Live-Stats 0.8 allows remote attackers to read arbitrary files via a .. dot dot in the showlang parameter...
CVE-2010-4858
CVE-2010-4858 is corroborated by multiple connected sources as a local file inclusion (LFI) vulnerability in DNET Live-Stats 0.8, specifically RC8. The issue arises from improper sanitization of user input, enabling directory traversal to access arbitrary files via the showlang parameter, or, per...
DNET Live-Stats 'team.rc5-72.php' Local File Include Vulnerability
DNET Live-Stats is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability using directory-traversal strings to view files and execute local scripts in the context of the webserver process. This may aid in...