Lucene search
K

6 matches found

NVD
NVD
added 2014/10/21 2:55 p.m.20 views

CVE-2012-5242

Directory traversal vulnerability in functions/suggest.php in Banana Dance B.2.6 and earlier allows remote attackers to include and execute arbitrary local files via a .. dot dot in the name parameter in a gettemplate action...

6.8CVSS7AI score0.02537EPSS
Exploits5References2
Cvelist
Cvelist
added 2014/10/21 2:0 p.m.28 views

CVE-2012-5242

Directory traversal vulnerability in functions/suggest.php in Banana Dance B.2.6 and earlier allows remote attackers to include and execute arbitrary local files via a .. dot dot in the name parameter in a gettemplate action...

7AI score0.02537EPSS
Exploits5References2
exploitpack
exploitpack
added 2012/12/21 12:0 a.m.59 views

banana dance b.2.6 - Multiple Vulnerabilities

banana dance b.2.6 - Multiple Vulnerabilities Advisory ID: HTB23118 Product: Banana Dance Vendor: bananadance.org Vulnerable Versions: B.2.6 and probably prior Tested Version: B.2.6 Vendor Notification: October 3, 2012 Public Disclosure: December 19, 2012 Vulnerability Type: PHP File Inclusion...

7.5CVSS0.1AI score0.02761EPSS
Exploits7
Exploit DB
Exploit DB
added 2012/12/21 12:0 a.m.73 views

banana dance b.2.6 - Multiple Vulnerabilities

Advisory ID: HTB23118 Product: Banana Dance Vendor: bananadance.org Vulnerable Versions: B.2.6 and probably prior Tested Version: B.2.6 Vendor Notification: October 3, 2012 Public Disclosure: December 19, 2012 Vulnerability Type: PHP File Inclusion CWE-98, Improper Access Control CWE-284, SQL...

7.5CVSS6.4AI score0.02761EPSS
Exploits7
0day.today
0day.today
added 2012/12/20 12:0 a.m.70 views

Banana Dance B.2.6 Inclusion / Access Control / SQL Injection

Banana Dance version B.2.6 suffers from local file inclusion, remote SQL injection, and improper access control vulnerabilities. Product: Banana Dance Vendor: bananadance.org Vulnerable Versions: B.2.6 and probably prior Tested Version: B.2.6 Vendor Notification: October 3, 2012 Public Disclosure...

7.5CVSS0.6AI score0.02761EPSS
Exploits7
Packet Storm
Packet Storm
added 2012/12/20 12:0 a.m.64 views

Banana Dance B.2.6 Inclusion / Access Control / SQL Injection

Advisory ID: HTB23118 Product: Banana Dance Vendor: bananadance.org Vulnerable Versions: B.2.6 and probably prior Tested Version: B.2.6 Vendor Notification: October 3, 2012 Public Disclosure: December 19, 2012 Vulnerability Type: PHP File Inclusion CWE-98, Improper Access Control CWE-284, SQL...

7.5CVSS0.3AI score0.02761EPSS
Exploits7
Rows per page
Query Builder