RSS   Vulnerabilities for 'Chicomas'   RSS

2008-04-29
 
CVE-2008-2017

CWE-22
 

 
Directory traversal vulnerability in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the operation parameter to the default URI under install/.

 
 
CVE-2008-2016

CWE-94
 

 
PHP remote file inclusion vulnerability in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter to the default URI under install/. NOTE: this can also be leveraged to include and execute arbitrary local files via directory traversal sequences.

 

 >>> Vendor: Chilkat software 8 Products
Chilkat zip activex control
Asp string
Chilkathttp activex
Chicomas
Chilkat xml activex control
FTP
MAIL
Chilkat crypt activex control


Copyright 2022, cxsecurity.com

 

Back to Top