RSS   Podatności dla 'BSCW'   RSS

2002-03-25
 
CVE-2002-0095

 

 
The default configuration of BSCW (Basic Support for Cooperative Work) 3.x and possibly version 4 enables user self registration, which could allow remote attackers to upload files and possibly join a user community that was intended to be closed.

 
 
CVE-2002-0094

 

 
config_converters.py in BSCW (Basic Support for Cooperative Work) 3.x and versions before 4.06 allows remote attackers to execute arbitrary commands via shell metacharacters in the file name during filename conversion.

 
2001-08-31
 
CVE-2001-0973

 

 
BSCW groupware system 3.3 through 4.0.2 beta allows remote attackers to read or modify arbitrary files by uploading and extracting a tar file with a symlink into the data-bag space.

 


Copyright 2024, cxsecurity.com

 

Back to Top