5 matches found
CVE-2008-4151
Directory traversal vulnerability in collect.php in CYASK 3.x allows remote attackers to read arbitrary files via a .. dot dot in the neturl parameter...
Directory traversal
Directory traversal vulnerability in collect.php in CYASK 3.x allows remote attackers to read arbitrary files via a .. dot dot in the neturl parameter...
CYASK 3.x - 'neturl' Local File Disclosure
This vulnerability leads to that the attacker can read any file on your webserver when it installs cyask. The $neturl variable in collect.php is short of enough check. When the attacker registers a new user, he can pass the user check and then submit any filename to $neturl so that collect.php ca...
CYASK 3.x (collect.php neturl) Local File Disclosure Vulnerability
No description provided by source. This vulnerability leads to that the attacker can read any file on your webserver when it installs cyask. The $neturl variable in collect.php is short of enough check. When the attacker registers a new user, he can pass the user check and then submit any filenam...
CYASK 3.x - neturl Local File Disclosure
CYASK 3.x - neturl Local File Disclosure This vulnerability leads to that the attacker can read any file on your webserver when it installs cyask. The $neturl variable in collect.php is short of enough check. When the attacker registers a new user, he can pass the user check and then submit any...