Webbiscuits Modules Controller vulnerabilities
2 known vulnerabilities affecting webbiscuits/modules_controller.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2008-6138P3HIGHCVSS 7.5PoC≤ 1.12009-02-14
CVE-2008-6138 [HIGH] CWE-94 CVE-2008-6138: PHP remote file inclusion vulnerability in adminhead.php in WebBiscuits Modules Controller 1.1 and e
PHP remote file inclusion vulnerability in adminhead.php in WebBiscuits Modules Controller 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter.
nvd
CVE-2008-6139P4MEDIUMCVSS 5.0PoCv1.12009-02-14
CVE-2008-6139 [MEDIUM] CWE-22 CVE-2008-6139: Directory traversal vulnerability in faqsupport/wce.download.php in WebBiscuits Modules Controller 1
Directory traversal vulnerability in faqsupport/wce.download.php in WebBiscuits Modules Controller 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the download parameter.
nvd