RSS   Vulnerabilities for 'Ninja blog'   RSS

2009-01-29
 
CVE-2009-0325

CWE-22
 

 
Directory traversal vulnerability in entries/index.php in Ninja Blog 4.8, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the cat parameter.

 

 >>> Vendor: Ninjadesigns 3 Products
Ninja blog
Mailist
Flatchat


Copyright 2024, cxsecurity.com

 

Back to Top