RSS   Vulnerabilities for 'Phpskelsite'   RSS

2009-02-16
 
CVE-2009-0596

CWE-22
 

 
Directory traversal vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the TplSuffix parameter.

 
 
CVE-2009-0595

CWE-94
 

 
PHP remote file inclusion vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the theme parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top