Vulnerabilities > Bookelves

DATE	CVE	VULNERABILITY TITLE	RISK
2009-03-06	CVE-2009-0767	Permissions, Privileges, and Access Controls vulnerability in Bookelves Kipper 2.01 Kipper 2.01 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing credentials via a direct request for job/config.data. network low complexity bookelves CWE-264	5.0
2009-03-06	CVE-2009-0766	Path Traversal vulnerability in Bookelves Kipper 2.01 Directory traversal vulnerability in default.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the configfile parameter. network low complexity bookelves CWE-22	7.5
2009-03-06	CVE-2009-0765	Path Traversal vulnerability in Bookelves Kipper 2.01 Directory traversal vulnerability in index.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via a .. network low complexity bookelves CWE-22	7.5
2009-03-06	CVE-2009-0764	Cross-Site Scripting vulnerability in Bookelves Kipper 2.01 Multiple cross-site scripting (XSS) vulnerabilities in Kipper 2.01 allow remote attackers to inject arbitrary web script or HTML via the charm parameter to (1) index.php and (2) kipper.php. network bookelves CWE-79	4.3
2009-03-06	CVE-2009-0763	Cross-Site Scripting vulnerability in Bookelves Kipper 2.01 Cross-site scripting (XSS) vulnerability in default.php in Kipper 2.01 allows remote attackers to inject arbitrary web script or HTML via the charm parameter. network bookelves CWE-79	4.3

Vulnerabilities > Bookelves {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Bookelves"}]}

Vulnerabilities > Bookelves