2 matches found
CVE-2008-6834
CVE-2008-6834 affects fuzzylime CMS versions 3.01 and 3.01a. The vulnerability is a directory traversal that allows remote attackers to include and execute arbitrary local files by supplying a ".." sequence in either the s parameter to code/commupdate.php (count action) or the heads parameter to ...
CVE-2008-6833
Affected software: fuzzylime (cms) prior to version 3.01b, specifically the commsrss.php script. Vulnerability type & root cause: directory traversal/ local file inclusion via the files[] parameter in the blogs action, where input is not properly sanitized before being used in an include. Impact:...