2 matches found
CVE-2025-63951
An insecure deserialization vulnerability exists in the rss-mp3.php script of the MiczFlor RPi-Jukebox-RFID project through commit 4b2334f0ae0e87c0568876fc41c48c38aa9a7014 2025-10-07. The 'rss' GET parameter receives data that is passed directly to the unserialize function without validation. Thi...
CVE-2000-0906
Directory traversal vulnerability in Moreover.com cachedfeed.cgi script version 4.July.00 allows remote attackers to read arbitrary files via a .. dot dot attack on the category or format parameters...