MidnightBSD

Advisories for spid

CVE-2005-2198 HIGH

PHP remote file inclusion vulnerability in lang.php in SPiD before 1.3.1 allows remote attackers to execute arbitrary code via the lang_path parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
spid spid 1.0.4
spid spid 1.0.3
spid spid 1.2.0
spid spid 1.0.1
spid spid 1.1.0
spid spid 1.2.1
spid spid 1.3.0
spid spid 1.2.2
spid spid 1.2.3
CVE-2006-0976 MEDIUM

Directory traversal vulnerability in scan_lang_insert.php in Boris Herbiniere-Seve SPiD 1.3.1 allows remote attackers to read arbitrary files via the lang parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
spid spid 1.3.1