Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor X10media Subscribe
Filtered by product X10 Automatic Mp3 Script
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-6960 1 X10media 1 X10 Automatic Mp3 Script 2023-12-10 5.0 MEDIUM N/A
download.php in X10media x10 Automatic Mp3 Search Engine Script 1.5.5 through 1.6 allows remote attackers to read arbitrary files via an encoded url parameter, as demonstrated by obtaining database credentials from includes/constants.php.