5 matches found
CVE-2004-1426
CVE-2004-1426 affects KorWeblog 1.6.2-cvs and earlier. This directory traversal vulnerability in index.php (lng parameter) allows remote reading of arbitrary files and potential PHP file execution via ".." sequences. The provided documents confirm the affected software and payload, but do not inc...
KorWeblog php injection Vulnerability
KorWeblog php injection Vulnerability Release Date : 2004/12/31 KST Author : Mins mins at fsu.or.kr Product : KorWeblog http://weblog.kldp.org Vendor-Status: Vendor was contacted but I could not receive reply message. Vendor-Patches: None Impact: Attacker can execute arbitrary php code. Summary...
[Full-Disclosure] STG Security Advisory: [SSA-20041122-10] KorWeblog directory traversal vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 STG Security Advisory: SSA-20041122-10 KorWeblog directory traversal vulnerability Revision 1.3 Date Published: 2004-11-22 KST Last Update: 2004-11-22 Disclosed by SSR Team [email protected] Summary ======== KorWeblog is a weblog application us...
KorWeblog 1.6.2 - Remote Directory Listing
KorWeblog 1.6.2 - Remote Directory Listing source: https://www.securityfocus.com/bid/11744/info A vulnerability is reported in the KorWeblog software that may allow a remote user to disclose directory listings. The problem presents itself when a malicious user crafts an URI request containing...
KorWeblog 1.6.2 - Remote Directory Listing
source: https://www.securityfocus.com/bid/11744/info A vulnerability is reported in the KorWeblog software that may allow a remote user to disclose directory listings. The problem presents itself when a malicious user crafts an URI request containing directory traversal sequences. When properly...