5 matches found
CVE-2008-4913
Directory traversal vulnerability in admin.php in LokiCMS 0.3.3 and earlier allows remote attackers to delete arbitrary files via a .. dot dot in the delete parameter...
CVE-2008-4913
CVE-2008-4913: LokiCMS (versions 0.3.3 and earlier) contains a directory traversal flaw in admin.php where an attacker can use a .. in the delete parameter to delete arbitrary files. The connected documents confirm the affected product/version and the underlying cause (directory traversal) but do...
CVE-2008-4913
Directory traversal vulnerability in admin.php in LokiCMS 0.3.3 and earlier allows remote attackers to delete arbitrary files via a .. dot dot in the delete parameter...
Directory traversal
Directory traversal vulnerability in admin.php in LokiCMS 0.3.3 and earlier allows remote attackers to delete arbitrary files via a .. dot dot in the delete parameter...
CVE-2008-1860
LokiCMS versions 0.3.3 and earlier are affected by a static code injection vulnerability in admin.php, allowing remote attackers to inject arbitrary PHP into includes/Config.php via the default parameter. The issue arises from the underlying code path described in CVE-2008-1860 and is rated with ...