RSS   Vulnerabilities for
'Jmweb mp3 music audio search and download script'
   RSS

2008-10-09
 
CVE-2008-4522

CWE-22
 

 
Multiple directory traversal vulnerabilities in JMweb MP3 Music Audio Search and Download Script allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the src parameter to (1) listen.php and (2) download.php.

 


Copyright 2024, cxsecurity.com

 

Back to Top