4 matches found
Path traversal
Absolute path traversal vulnerability in cantata before 1.2.2 allows local users to read arbitrary files via a full pathname in a request to the internal httpd server. NOTE: this vulnerability can be leveraged by remote attackers using CVE-2013-7301...
UBUNTU-CVE-2013-7300
Absolute path traversal vulnerability in cantata before 1.2.2 allows local users to read arbitrary files via a full pathname in a request to the internal httpd server. NOTE: this vulnerability can be leveraged by remote attackers using CVE-2013-7301...
CVE-2013-7301
Cantata vulnerable before 1.2.2: a flaw in the play queue allows remote attackers to read files/ songs in the queue due to lack of access restriction. Affected software: Cantata prior to version 1.2.2. Root cause: insufficient access controls on queue contents. Impact: potential information discl...
CVE-2013-7300
Absolute path traversal vulnerability in cantata before 1.2.2 allows local users to read arbitrary files via a full pathname in a request to the internal httpd server. NOTE: this vulnerability can be leveraged by remote attackers using CVE-2013-7301...