RSS   Vulnerabilities for 'Korean ghboard'   RSS

2007-10-30
 
CVE-2007-5739

CWE-22
 

 
Directory traversal vulnerability in component/flashupload/download.jsp in the FlashUpload component in Korean GHBoard allows remote attackers to read arbitrary files via a .. (dot dot) in the name parameter.

 
 
CVE-2007-5738

CWE-20
 

 
The FlashUpload component in Korean GHBoard uses a client-side protection mechanism to prevent uploading of dangerous file extensions, which allows remote attackers to bypass restrictions and upload arbitrary files via a modified copy of component/flashupload/upload.html.

 
 
CVE-2007-5737

CWE-94
 

 
Unrestricted file upload vulnerability in component/upload.jsp in Korean GHBoard allows remote attackers to upload arbitrary files via unspecified vectors, probably involving a direct request.

 


Copyright 2024, cxsecurity.com

 

Back to Top