4 matches found
Xaraya <= 1.0.0 RC4 D.O.S / file corruption
Xaraya = 1.0.0 RC4 D.O.S / file corruption software: site: http://www.xaraya.com description: "Xaraya 1.0 Core is an Open Source web application framework written in PHP" vulnerable code in create function in xarMLSXML2PHPBackend.php: i you can create an empty dir, in some cases this leads to...
CVE-2005-3929
Directory traversal vulnerability in the create function in xarMLSXML2PHPBackend.php in Xaraya 1.0 allows remote attackers to create directories and overwrite arbitrary files via ".." sequences in the module parameter to index.php...
CVE-2005-3929
The CVE-2005-3929 entry covers a directory traversal in Xaraya 1.0. The vulnerable component is the create function path in xarMLSXML2PHPBackend.php and the index.php module parameter handling. Due to insufficient input sanitization, an unauthenticated, remote attacker can craft a request that us...
CVE-2005-3929
Directory traversal vulnerability in the create function in xarMLSXML2PHPBackend.php in Xaraya 1.0 allows remote attackers to create directories and overwrite arbitrary files via ".." sequences in the module parameter to index.php...