Netenberg Fantastico De Luxe vulnerabilities
2 known vulnerabilities affecting netenberg/fantastico_de_luxe.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM1LOW1
Vulnerabilities
Page 1 of 1
CVE-2008-4181P3MEDIUMCVSS 6.8PoC≤ 2.8.2≤ 2.8.8+29 more2008-09-23
CVE-2008-4181 [MEDIUM] CWE-22 CVE-2008-4181: Directory traversal vulnerability in includes/xml.php in the Netenberg Fantastico De Luxe module bef
Directory traversal vulnerability in includes/xml.php in the Netenberg Fantastico De Luxe module before 2.10.4 r19 for cPanel, when cPanel PHP Register Globals is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) or absolute pathname in the fantasticopath parameter. NOTE: in some environments, th
nvd
CVE-2004-2398P4LOWCVSS 2.1v2.82004-12-31
CVE-2004-2398 [LOW] CVE-2004-2398: Netenberg Fantastico De Luxe 2.8 uses database file names that contain the associated usernames, whi
Netenberg Fantastico De Luxe 2.8 uses database file names that contain the associated usernames, which allows local users to determine valid usernames and conduct brute force attacks by reading the file names from /var/lib/mysql, which is assigned world-readable permissions by cPanel 9.3.0 R5.
nvd