X10Media X10 Automatic Mp3 Script vulnerabilities
2 known vulnerabilities affecting x10media/x10_automatic_mp3_script.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2008-4141P3HIGHCVSS 7.5PoCv1.5.52008-09-24
CVE-2008-4141 [HIGH] CWE-94 CVE-2008-4141: Multiple PHP remote file inclusion vulnerabilities in x10Media x10 Automatic MP3 Script 1.5.5 allow
Multiple PHP remote file inclusion vulnerabilities in x10Media x10 Automatic MP3 Script 1.5.5 allow remote attackers to execute arbitrary PHP code via a URL in the web_root parameter to (1) includes/function_core.php and (2) templates/layout_lyrics.php.
nvd
CVE-2008-6960P3MEDIUMCVSS 5.0PoCv1.5.5v1.62009-08-12
CVE-2008-6960 [MEDIUM] CWE-264 CVE-2008-6960: download.php in X10media x10 Automatic Mp3 Search Engine Script 1.5.5 through 1.6 allows remote atta
download.php in X10media x10 Automatic Mp3 Search Engine Script 1.5.5 through 1.6 allows remote attackers to read arbitrary files via an encoded url parameter, as demonstrated by obtaining database credentials from includes/constants.php.
nvd