|
|
CVE Reference: CVE-2008-6960 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-6960 |
|
|
Description: download.php in X10media x10 Automatic Mp3 Search Engine Script 1.5.5 through 1.6 allows remote attackers to read arbitrary files via an encoded url parameter, as demonstrated by obtaining database credentials from includes/constants.php. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/46489 SAID Secunia Advisory: SA32537 OSVDB 49797 MILW0RM http://www.milw0rm.com/exploits/7074 BID 32227 |
|
| Return to the previous page. |
