2 matches found
CVE-2008-1773
The CVE-2008-1773 vulnerability affects Dragoon 0.1 and is a PHP remote file inclusion in includes/header.inc.php. An attacker can cause remote code execution by supplying a URL in the root parameter. The NVD entry lists a CVSS v2 base score of 6.8 (MEDIUM) with network attack vector, no authenti...
CVE-2008-1798
The CVE-2008-1798 issue affects Dragoon 0.1, specifically the calendrier.php routine in forum/kietu/libs. An attacker can craft a value for cal[lng] containing a .. sequence to trigger directory traversal, enabling the inclusion and execution of arbitrary local files. This is a server-side file i...