Devraj Mukherjee Openterracotta vulnerabilities
2 known vulnerabilities affecting devraj_mukherjee/openterracotta.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2008-6522P4MEDIUMCVSS 6.8PoCv0.6.12009-03-25
CVE-2008-6522 [MEDIUM] CWE-22 CVE-2008-6522: Multiple directory traversal vulnerabilities in the RenderFile function in ContentRender.class.php i
Multiple directory traversal vulnerabilities in the RenderFile function in ContentRender.class.php in Terracotta (aka OpenTerracotta) 0.6.1, and possibly other versions, allow remote attackers to list arbitrary directories and read arbitrary files via a .. (dot dot) in the (1) CurrentDirectory and (2) File parameters to index.php.
nvd
CVE-2008-6521P4HIGHCVSS 7.8v0.6.12009-03-25
CVE-2008-6521 [HIGH] CWE-200 CVE-2008-6521: index.php in Terracotta (aka OpenTerracotta) 0.6.1 allows remote attackers to obtain sensitive infor
index.php in Terracotta (aka OpenTerracotta) 0.6.1 allows remote attackers to obtain sensitive information via an invalid File parameter, which reveals the installation path in an error message.
nvd