Jeeblestechnology Jeebles Directory vulnerabilities
3 known vulnerabilities affecting jeeblestechnology/jeebles_directory.
Total CVEs
3
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2007-5706P3CRITICALCVSS 9.3PoCv2.9.602007-10-29
CVE-2007-5706 [CRITICAL] CWE-22 CVE-2007-5706: Absolute path traversal vulnerability in download.php in Jeebles Directory 2.9.60 allows remote atta
Absolute path traversal vulnerability in download.php in Jeebles Directory 2.9.60 allows remote attackers to read arbitrary files via a full pathname in the query string. NOTE: some of these details are obtained from third party information.
nvd
CVE-2008-1355P4MEDIUMCVSS 4.3PoCv2.9.602008-03-17
CVE-2008-1355 [MEDIUM] CWE-79 CVE-2008-1355: Cross-site scripting (XSS) vulnerability in index.php in Jeebles Technology Jeebles Directory 2.9.60
Cross-site scripting (XSS) vulnerability in index.php in Jeebles Technology Jeebles Directory 2.9.60 allows remote attackers to inject arbitrary web script or HTML via the path parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
nvd
CVE-2007-5705P4MEDIUMCVSS 6.0v2.9.602007-10-29
CVE-2007-5705 [MEDIUM] CWE-94 CVE-2007-5705: Unspecified vulnerability in the Settings component in the administration system in Jeebles Director
Unspecified vulnerability in the Settings component in the administration system in Jeebles Directory 2.9.60 allows remote authenticated administrators to execute arbitrary PHP code via unspecified vectors related to settings.inc.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
nvd