Cosmicperl Directory Pro vulnerabilities
4 known vulnerabilities affecting cosmicperl/directory_pro.
Total CVEs
4
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM4
Vulnerabilities
Page 1 of 1
CVE-2001-0780P4MEDIUMCVSS 5.0PoCv2.02001-10-18
CVE-2001-0780 [MEDIUM] CWE-22 CVE-2001-0780: Directory traversal vulnerability in cosmicpro.cgi in Cosmicperl Directory Pro 2.0 allows remote att
Directory traversal vulnerability in cosmicpro.cgi in Cosmicperl Directory Pro 2.0 allows remote attackers to gain sensitive information via a .. (dot dot) in the SHOW parameter.
nvd
CVE-2008-1147P4MEDIUMCVSS 6.8v10.0.32008-03-04
CVE-2008-1147 [MEDIUM] CVE-2008-1147: A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 2-bit random hops (aka "
A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 2-bit random hops (aka "Algorithm X2"), as used in OpenBSD 2.6 through 3.4, Mac OS X 10 through 10.5.1, FreeBSD 4.4 through 7.0, and DragonFlyBSD 1.0 through 1.10.1, allows remote attackers to guess sensitive values such as IP fragmentation IDs by observing a sequence of previously ge
nvd
CVE-2008-1148P4MEDIUMCVSS 6.8v10.0.32008-03-04
CVE-2008-1148 [MEDIUM] CVE-2008-1148: A certain pseudo-random number generator (PRNG) algorithm that uses ADD with 0 random hops (aka "Alg
A certain pseudo-random number generator (PRNG) algorithm that uses ADD with 0 random hops (aka "Algorithm A0"), as used in OpenBSD 3.5 through 4.2 and NetBSD 1.6.2 through 4.0, allows remote attackers to guess sensitive values such as (1) DNS transaction IDs or (2) IP fragmentation IDs by observing a sequence of previously generated values. NOTE: this issue
nvd
CVE-2008-1146P4MEDIUMCVSS 6.8v10.0.32008-03-04
CVE-2008-1146 [MEDIUM] CVE-2008-1146: A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 3-bit random hops (aka "
A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 3-bit random hops (aka "Algorithm X3"), as used in OpenBSD 2.8 through 4.2, allows remote attackers to guess sensitive values such as DNS transaction IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as DNS cache poisoning a
nvd