RSS   Vulnerabilities for 'Eyeos'   RSS

2011-09-23
 
CVE-2011-3737

CWE-200
 

 
eyeOS 2.2.0.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by apps/rmail/webmail/program/lib/Net/SMTP.php and certain other files.

 
2006-12-14
 
CVE-2006-6556

 

 
The eyeHome function in apps/eyeHome.eyeapp/aplic.php in EyeOS before 0.9.3-3 allows remote attackers to upload and execute arbitrary code via dangerous file extensions that are not all lowercase, which bypasses a cleansing operation.

 


Copyright 2024, cxsecurity.com

 

Back to Top