Lucene search

Dirk Bartley Security Vulnerabilities

cve

CVE-2008-6668

Multiple directory traversal vulnerabilities in nweb2fax 0.2.7 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) id parameter to comm.php and (2) var_filename parameter to viewrq.php.

7AI Score

0.004EPSS

2009-04-08 10:30 AM

cve

CVE-2008-6669

viewrq.php in nweb2fax 0.2.7 and earlier allows remote attackers to execute arbitrary code via shell metacharacters in the var_filename parameter in a (1) tif or (2) pdf format action.

8AI Score

0.031EPSS

2009-04-08 10:30 AM