2 matches found
CVE-2009-2111
CVE-2009-2111 affects DB Top Sites 1.0, with a vulnerability in the file add_reg.php that allows static code injection . A remote attacker can inject arbitrary PHP code by supplying crafted parameters for the (1) url and (2) location, enabling code execution on the affected system. This is docume...
CVE-2009-2110
Affected software: DB Top Sites 1.0. Vulnerability type: directory traversal leading to local file inclusion/execution via the u parameter in full.php, index.php, and contact.php when magic_quotes_gpc is disabled. Root cause: directory traversal with .. in the parameter. Impact: remote attackers ...