4 matches found
Sql injection
Multiple SQL injection vulnerabilities in the com.rim.mdm.ui.server.ImageServlet servlet in BlackBerry Enterprise Server 12 BES12 Self-Service before 12.4 allow remote attackers to execute arbitrary SQL commands via the imageName parameter to 1 mydevice/client/image, 2 admin/client/image, 3...
CVE-2007-5253
c32web.exe in McMurtrey/Whitaker Cart32 before 6.4 allows remote attackers to read arbitrary files via the ImageName parameter in a GetImage action, by appending a NULL byte %00 sequence followed by an image file extension, as demonstrated by a request for a ".txt%00.gif" file. NOTE: this might b...
Directory traversal
c32web.exe in McMurtrey/Whitaker Cart32 before 6.4 allows remote attackers to read arbitrary files via the ImageName parameter in a GetImage action, by appending a NULL byte %00 sequence followed by an image file extension, as demonstrated by a request for a ".txt%00.gif" file. NOTE: this might b...
CVE-2007-5253
Cart32 (shopping cart app) vulnerability CVE-2007-5253 affects the GetImage function in c32web.exe prior to Cart32 6.4. An attacker can read arbitrary files by supplying an ImageName parameter that appends a NULL byte then a file extension (e.g., ".txt%00.gif"), potentially enabling directory tra...