CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2008-4134

Malware in sbrugna...

5CVSS6.4AI score0.03885EPSS

Exploits0References6

seebug.org•added 2009/05/08 12:0 a.m.•29 views

赛问(cyask)collect.php本地文件读取漏洞

collect.php ——————————- else / 检查网址 / $url=getreferer; $neturl=empty$POST'neturl' ? trim$GET'neturl' : trim$POST'neturl'; $collecturl=empty$neturl ? $url : $neturl; $contents = ”; if$fid=@fopen$collecturl,”r“//$collecturl没进行处理 do $data = fread$fid, 4096; if strlen$data == 0 break; $contents .=...

7.1AI score

Exploits0

Prion•added 2008/09/24 5:41 a.m.•9 views

Directory traversal

Directory traversal vulnerability in collect.php in CYASK 3.x allows remote attackers to read arbitrary files via a .. dot dot in the neturl parameter...

5CVSS7.2AI score0.03885EPSS

Exploits0References5Affected Software1

securityvulns•added 2008/09/20 12:0 a.m.•33 views

cyask 3.x Local File Inclusion Vulnerability

This vulnerability leads to that the attacker can read any file on your webserver when it installs cyask. The $neturl variable in collect.php is short of enough check. When the attacker registers a new user, he can pass the user check and then submit any filename to $neturl so that collect.php ca...

7AI score

Exploits0

CVE•added 2008/09/19 6:0 p.m.•33 views

CVE-2008-4151

CVE-2008-4151 : Directory traversal in collect.php of CYASK 3.x allows remote attackers to read arbitrary files via a .. in the neturl parameter. Impact: read access to files. The provided documents do not include remediation details or patch/version information. Exploitation status is not specif...

5CVSS6.7AI score0.03885EPSS

Exploits0References5Affected Software1

Cvelist•added 2008/09/19 6:0 p.m.•11 views

CVE-2008-4151

Directory traversal vulnerability in collect.php in CYASK 3.x allows remote attackers to read arbitrary files via a .. dot dot in the neturl parameter...

6.6AI score0.03885EPSS

Exploits0References5

Packet Storm•added 2008/09/18 12:0 a.m.•17 views

cyask-disclose.txt

7.4AI score

Exploits0

Exploit DB•added 2008/09/18 12:0 a.m.•37 views

CYASK 3.x - 'neturl' Local File Disclosure

7.4AI score

Exploits0

seebug.org•added 2008/09/18 12:0 a.m.•9 views

CYASK 3.x (collect.php neturl) Local File Disclosure Vulnerability

No description provided by source. This vulnerability leads to that the attacker can read any file on your webserver when it installs cyask. The $neturl variable in collect.php is short of enough check. When the attacker registers a new user, he can pass the user check and then submit any filenam...

7.1AI score

Exploits0

0day.today•added 2008/09/18 12:0 a.m.•14 views

CYASK 3.x (collect.php neturl) Local File Disclosure Vulnerability

Exploit for unknown platform in category web applications ================================================================== CYASK 3.x collect.php neturl Local File Disclosure Vulnerability ================================================================== This vulnerability leads to that the...

7.1AI score

Exploits0

exploitpack•added 2008/09/18 12:0 a.m.•12 views

CYASK 3.x - neturl Local File Disclosure

CYASK 3.x - neturl Local File Disclosure This vulnerability leads to that the attacker can read any file on your webserver when it installs cyask. The $neturl variable in collect.php is short of enough check. When the attacker registers a new user, he can pass the user check and then submit any...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by