EUVD-2006-5572

Malware in sbrugna...

CVE-2022-31542

The mandoku/mdweb repository through 2015-05-07 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31542

The mandoku/mdweb repository through 2015-05-07 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31542

The mandoku/mdweb repository through 2015-05-07 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31542

CVE-2022-31542 affects the mandoku/mdweb repository (pre-2015-05-07) where an unsafe use of Flask's send_file enables absolute path traversal. The issue is confirmed across multiple connected sources (NVD, Red Hat, CVE lists, CNNVD) describing the root cause as improper handling of file paths in ...

CVE-2022-31542

The mandoku/mdweb repository through 2015-05-07 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

mdweb 路径遍历漏洞

mdweb is a Mandoku web server from mandoku open source. A security vulnerability exists in mdweb version 2015-05-07 and earlier, which stems from an incorrect call to Flask's sendfile function that results in absolute path traversal...

MDweb <= 1.3 (chemin_appli) Remote File Include Vulnerabilities

No description provided by source...

CVE-2006-5587

Multiple PHP remote file inclusion vulnerabilities in MDweb 1.3 and earlier Mdweb132-postgres allow remote attackers to execute arbitrary PHP code via a URL in the cheminappli parameter in 1 admin/inc/organisations/formorg.inc.php and 2 admin/inc/organisations/countryinsert.php...

CVE-2006-5587

Multiple PHP remote file inclusion vulnerabilities in MDweb 1.3 and earlier Mdweb132-postgres allow remote attackers to execute arbitrary PHP code via a URL in the cheminappli parameter in 1 admin/inc/organisations/formorg.inc.php and 2 admin/inc/organisations/countryinsert.php...

CVE-2006-5587

MDweb 1.3 and earlier (Mdweb132-postgres) contains two PHP remote file inclusion flaws: passing a URL in the chemin_appli parameter to admin/inc/organisations/form_org.inc.php and admin/inc/organisations/country_insert.php enables remote code execution. The issue arises from unsafely including re...

MDweb <= 1.3 (chemin_appli) Remote File Include Vulnerabilities

Exploit for unknown platform in category web applications =============================================================== MDweb = 1.3 cheminappli Remote File Include Vulnerabilities =============================================================== ToXiC Mdweb132-postgres: Remote File Inclusion by...

MDweb &lt;= 1.3 (chemin_appli) Remote File Include Vulnerabilities

No description provided by source. ToXiC Mdweb132-postgres: Remote File Inclusion by ToXiC CreW ToXic Security Italian CreW BuG FounD by Drago84 Application Affect: Mdweb132-postgres Sorce Code: http://jc.desconnets.free.fr/mdweb/install/windows/mdweb132-postgres-sans-installeur.zip Page:...