6 matches found
EUVD-2008-6555
Malware in sbrugna...
SUSE CVE-2008-6592
thumbsup.php in Thumbs-Up 1.12, as used in LightNEasy "no database" aka flat and SQLite 1.2.2 and earlier, allows remote attackers to copy, rename, and read arbitrary files via directory traversal sequences in the image parameter with a modified cachedir parameter containing a %00 encoded null by...
Directory traversal
thumbsup.php in Thumbs-Up 1.12, as used in LightNEasy "no database" aka flat and SQLite 1.2.2 and earlier, allows remote attackers to copy, rename, and read arbitrary files via directory traversal sequences in the image parameter with a modified cachedir parameter containing a %00 encoded null by...
CVE-2008-6592
thumbsup.php in Thumbs-Up 1.12, as used in LightNEasy "no database" aka flat and SQLite 1.2.2 and earlier, allows remote attackers to copy, rename, and read arbitrary files via directory traversal sequences in the image parameter with a modified cachedir parameter containing a %00 encoded null by...
CVE-2008-6592
CVE-2008-6592 affects Thumbsup/Thumbs-Up 1.12 used in LightNEasy “no database” (flat) and SQLite 1.2.2 and earlier. The issue is a directory traversal vulnerability in the image parameter, exploitable via a modified cache_dir containing a %00 (encoded null byte), allowing remote attackers to copy...
CVE-2008-6592
thumbsup.php in Thumbs-Up 1.12, as used in LightNEasy "no database" aka flat and SQLite 1.2.2 and earlier, allows remote attackers to copy, rename, and read arbitrary files via directory traversal sequences in the image parameter with a modified cachedir parameter containing a %00 encoded null by...