RSS   Podatności dla 'Flexphpdirectory'   RSS

2009-04-24
 
CVE-2008-6750

 
 
Unrestricted file upload vulnerability in add.php in FlexPHPDirectory 0.0.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in photo/.

 
 
CVE-2008-6749

 
 
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPDirectory 0.0.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) checkuser and (2) checkpass parameters.

 

 >>> Vendor: China-on-site 6 Produkty
Flexphpnews
Flexphpic
Flexphpsite
Flexphplink
Flexphpdirectory
Flexcustomer0.0.6

Copyright 2024, cxsecurity.com

 

Back to Top