Directory traversal vulnerability in Mike Spice's My Classifieds (classifieds.cgi) before 1.3 allows remote attackers to overwrite arbitrary files via the category parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mike_spice | my_classifieds | 1.0 |
| mike_spice | my_classifieds | 1.1 |
| mike_spice | my_classifieds | 1.2 |
Directory traversal vulnerability in Mike Spice My Calendar before 1.5 allows remote attackers to write arbitrary files via .. (dot dot) sequences in a URL.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mike_spice | my_calendar | 1.0 |
| mike_spice | my_calendar | 1.4 |
| mike_spice | my_calendar | 1.3 |
| mike_spice | my_calendar | 1.1 |
| mike_spice | my_calendar | 1.2 |
Directory traversal vulnerability in quiz.cgi for Mike Spice Quiz Me! before 0.6 allows remote attackers to write arbitrary files via .. (dot dot) sequences in the quiz parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mike_spice | quiz_me | 0.5 |
Directory traversal vulnerability in vote.cgi for Mike Spice Mike's Vote CGI before 1.3 allows remote attackers to write arbitrary files via .. (dot dot) sequences in the type parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mike_spice | mikes_vote_cgi | 1.0 |
| mike_spice | mikes_vote_cgi | 1.2 |
| mike_spice | mikes_vote_cgi | 1.1 |