Page 2 of 11 results (0.002 seconds)
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 3
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 3CVE-2013-7138 – Horizon QCMS 4.0 SQL Injection / Directory Traversal
https://notcve.org/view.php?id=CVE-2013-7138
08 Jan 2014 — Directory traversal vulnerability in lib/functions/d-load.php in Horizon Quick Content Management System (QCMS) 4.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the start parameter. Vulnerabilidad de recorrido de directorios en lib/functions/d-load.php de Horizon Quick Content Management System (QCMS) 4.0 y anteriores permite a atacantes remotos leer archivos de forma arbitraria a través de un .. (punto punto) en el parámetro start. Horizon QCMS version 4.0 suffers from ... • https://packetstorm.news/files/id/124725 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •