| Max CVSS | 7.5 | Min CVSS | 6.8 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-2253 | 6.8 |
lwp-download in libwww-perl before 5.835 does not reject downloads to filenames that begin with a . (dot) character, which allows remote servers to create or overwrite files via (1) a 3xx redirect to a URL with a crafted filename or (2) a Content-Dis
|
30-10-2018 - 16:26 | 06-07-2010 - 17:17 | |
| CVE-2010-2251 | 7.5 |
The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a server-provided filename before determining the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a Conte
|
10-10-2018 - 19:59 | 06-07-2010 - 17:17 | |
| CVE-2010-2252 | 6.8 |
GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a .wgetrc f
|
28-11-2016 - 19:07 | 06-07-2010 - 17:17 |