RSS   Vulnerabilities for 'Rayzz script'   RSS

2007-12-04
 
CVE-2007-6230

 
 
Directory traversal vulnerability in common/classes/class_HeaderHandler.lib.php in Rayzz Script 2.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the CFG[site][project_path] parameter.

 
 
CVE-2007-6229

 
 
PHP remote file inclusion vulnerability in common/classes/class_HeaderHandler.lib.php in Rayzz Script 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the CFG[site][project_path] parameter.

 

 >>> Vendor: Rayzz 2 Products
Rayzz script
Photoz

Copyright 2024, cxsecurity.com

 

Back to Top