Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown
CVE-2008-0149
Disclosure Date: January 09, 2008 (last updated October 04, 2023)
TUTOS 1.3 allows remote attackers to read system information via a direct request to php/admin/phpinfo.php, which calls the phpinfo function.
0
Attacker Value
Unknown
CVE-2008-0148
Disclosure Date: January 09, 2008 (last updated October 04, 2023)
TUTOS 1.3 does not restrict access to php/admin/cmd.php, which allows remote attackers to execute arbitrary shell commands via the cmd parameter in a direct request.
0
