Lucene search
K

4 matches found

securityvulns
securityvulns
added 2005/12/01 12:0 a.m.27 views

Xaraya <= 1.0.0 RC4 D.O.S / file corruption

Xaraya = 1.0.0 RC4 D.O.S / file corruption software: site: http://www.xaraya.com description: "Xaraya 1.0 Core is an Open Source web application framework written in PHP" vulnerable code in create function in xarMLSXML2PHPBackend.php: i you can create an empty dir, in some cases this leads to...

7.6AI score
Exploits0
NVD
NVD
added 2005/11/30 11:3 a.m.15 views

CVE-2005-3929

Directory traversal vulnerability in the create function in xarMLSXML2PHPBackend.php in Xaraya 1.0 allows remote attackers to create directories and overwrite arbitrary files via ".." sequences in the module parameter to index.php...

5CVSS6.8AI score0.07502EPSS
Exploits1References8
CVE
CVE
added 2005/11/30 11:0 a.m.46 views

CVE-2005-3929

The CVE-2005-3929 entry covers a directory traversal in Xaraya 1.0. The vulnerable component is the create function path in xarMLSXML2PHPBackend.php and the index.php module parameter handling. Due to insufficient input sanitization, an unauthenticated, remote attacker can craft a request that us...

5CVSS6.9AI score0.07502EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2005/11/30 11:0 a.m.36 views

CVE-2005-3929

Directory traversal vulnerability in the create function in xarMLSXML2PHPBackend.php in Xaraya 1.0 allows remote attackers to create directories and overwrite arbitrary files via ".." sequences in the module parameter to index.php...

6.8AI score0.07502EPSS
Exploits1References8
Rows per page
Query Builder