CVE-2009-0515
published 2009-02-11CVE-2009-0515: Directory traversal vulnerability in check_lang.php in Yet Another NOCC (YANOCC) 0.1.0 and earlier allows remote attackers to include and execute arbitrary…
PriorityP339medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
1.98%
78.0th percentile
Directory traversal vulnerability in check_lang.php in Yet Another NOCC (YANOCC) 0.1.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| yanocc | yanocc | <= 0.1.0 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
WordPress Core / MU / Plugins - '/admin.php' Privileges Unchecked / Multiple Information Disclosures
exploitdb·2009-07-10·CVSS 4.9
CVE-2009-2334 [MEDIUM] WordPress Core / MU / Plugins - '/admin.php' Privileges Unchecked / Multiple Information Disclosures
WordPress Core / MU / Plugins - '/admin.php' Privileges Unchecked / Multiple Information Disclosures
---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Core Security Technologies - CoreLabs Advisory
http://www.coresecurity.com/corelabs/
WordPress Privileges Unchecked in admin.php and Multiple Information
Disclosures
1. *Advisory Information*
Title: WordPress Privileges Unchecked in admin.php and Multiple
Information Disclosures
Advisory ID: CORE-2009-0515
Advisory URL:
http://corelabs.coresecurity.com/index.php?action=view&type=advisory&name=WordPress_Privileges_Unchecked
Date published: 2009-07-08
Date of last update: 2009-07-08
Vendors contacted: WordPress
Release mode: Coordinated release
2. *Vulnerability Information*
Class: Local file include, Privileges unchecked, Cross site
Exploit-DB
Yet Another NOCC 0.1.0 - Local File Inclusion
exploitdb·2009-02-09
CVE-2009-0515 Yet Another NOCC 0.1.0 - Local File Inclusion
Yet Another NOCC 0.1.0 - Local File Inclusion
---
Yet Another NOCC 0.1.0 <= Local File Inclusion Vulnerabilities
YANOCC is a simple and fast webmail client which can handle POP3, SMTP, and IMAP servers.
YANOCC is based on NOCC's code and is written with PHP4. It features multi-language support,
MIME attachments, displays HTML messages, address book, folder support.
Author: Kacper
HomePage: http://devilteam.pl/
http://polskihacking.pl/
in file check_lang.php:
if (!ISSET($lang))
{
$ar_lang = explode(",", $HTTP_ACCEPT_LANGUAGE);
while ($accept_lang = array_shift($ar_lang))
{
$tmp = explode(";", $accept_lang);
$tmp[0] = strtolower($tmp[0]);
if (file_exists("lang/".$tmp[0].".php"))
{
$lang = $tmp[0];
break;
}
}
if ($lang == "")
$lang = $default_lang;
}
// Fix for faulty PHP install (RH7,
No writeups or analysis indexed.
http://secunia.com/advisories/33862http://www.securityfocus.com/bid/33704http://www.vupen.com/english/advisories/2009/0383https://exchange.xforce.ibmcloud.com/vulnerabilities/48608https://www.exploit-db.com/exploits/8020http://secunia.com/advisories/33862http://www.securityfocus.com/bid/33704http://www.vupen.com/english/advisories/2009/0383https://exchange.xforce.ibmcloud.com/vulnerabilities/48608https://www.exploit-db.com/exploits/8020
2009-02-11
Published