EUVD-2008-5972

Malware in sbrugna...

CVE-2008-6002

Absolute path traversal vulnerability in sendfile.php in web-cp 0.5.7, when registerglobals is enabled, allows remote attackers to read arbitrary files via a full pathname in the filelocation parameter...

Path traversal

Absolute path traversal vulnerability in sendfile.php in web-cp 0.5.7, when registerglobals is enabled, allows remote attackers to read arbitrary files via a full pathname in the filelocation parameter...

CVE-2008-6002

Absolute path traversal vulnerability in sendfile.php in web-cp 0.5.7, when registerglobals is enabled, allows remote attackers to read arbitrary files via a full pathname in the filelocation parameter...

CVE-2008-6002

Affected product: web-cp 0.5.7. The issue is an absolute path traversal in sendfile.php, exploitable when register_globals is enabled, allowing remote attackers to read arbitrary files via a full pathname in the filelocation parameter. Root cause: lack of input validation for the filelocation par...

webcp 0.5.7 - filelocation Remote File Disclosure

webcp 0.5.7 - filelocation Remote File Disclosure webcp 0.5.7 sendfile.php filelocation Remote File Disclosure Vulnerability Script : http://www.web-cp.net/releases/webcp-0.5.7.tar.gz Demo : http://gyrbo.madoka.be/web-cp/ Vuln : if $tf = fopen$filelocation, "r" // Date in the past POC :...

webcp 0.5.7 - 'filelocation' Remote File Disclosure

webcp 0.5.7 sendfile.php filelocation Remote File Disclosure Vulnerability Script : http://www.web-cp.net/releases/webcp-0.5.7.tar.gz Demo : http://gyrbo.madoka.be/web-cp/ Vuln : if $tf = fopen$filelocation, "r" // Date in the past POC :...