| Max CVSS | 6.8 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2011-2744 | 6.8 |
Directory traversal vulnerability in Chyrp 2.1 and earlier allows remote attackers to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the action parameter to the default URI.
|
09-10-2018 - 19:33 | 19-07-2011 - 20:55 | |
| CVE-2011-2780 | 5.0 |
Directory traversal vulnerability in includes/lib/gz.php in Chyrp 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, a different vulnerability than CVE-2011-2744.
|
09-10-2018 - 19:33 | 19-07-2011 - 21:55 | |
| CVE-2011-2745 | 6.5 |
upload_handler.php in the swfupload extension in Chyrp 2.0 and earlier relies on client-side JavaScript code to restrict the file extensions of uploaded files, which allows remote authenticated users to upload a .php file, and consequently execute ar
|
22-09-2011 - 03:32 | 27-07-2011 - 02:55 |