RSS   Vulnerabilities for 'Nitrotech'   RSS

2008-12-04
 
CVE-2008-5334

CWE-94
 

 
PHP remote file inclusion vulnerability in includes/common.php in NitroTech 0.0.3a allows remote attackers to execute arbitrary PHP code via a URL in the root parameter.

 
 
CVE-2008-5333

CWE-89
 

 
SQL injection vulnerability in members.php in NitroTech 0.0.3a allows remote attackers to execute arbitrary SQL commands via the id parameter.

 
2007-01-16
 
CVE-2006-6938

 

 
Directory traversal vulnerability in includes/common.php in NitroTech 0.0.3a, as distributed before 2006, allows remote attackers to include arbitrary files via ".." sequences in the root parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top