Bitweaver@2.5 Security Vulnerabilities and Issues — Bitweaver@2.5 CVE List

Lucene search

BitweaverBitweaver2.5

3 matches found

CVE•added 2014/01/28 12:55 a.m.•131 views

CVE-2012-5192

Directory traversal vulnerability in gmap/view_overlay.php in Bitweaver 2.8.1 and earlier allows remote attackers to read arbitrary files via "''%2F" (dot dot encoded slash) sequences in the overlay_type parameter.

5CVSS6.1AI score0.51479EPSS

CVE•added 2009/05/18 6:30 p.m.•42 views

CVE-2009-1678

Directory traversal vulnerability in the saveFeed function in rss/feedcreator.class.php in Bitweaver 2.6 and earlier allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the version parameter to boards/boards_rss.php.

7.5CVSS7AI score0.00681EPSS

CVE•added 2009/05/18 6:30 p.m.•35 views

CVE-2009-1677

Multiple static code injection vulnerabilities in the saveFeed function in rss/feedcreator.class.php in Bitweaver 2.6 and earlier allow (1) remote authenticated users to inject arbitrary PHP code into files by placing PHP sequences into the account's "display name" setting and then invoking boards/...

6.5CVSS7.2AI score0.0092EPSS