Talkback : Security Vulnerabilities, CVEs, CVSS score >= 7
Directory traversal vulnerability in TalkBack 2.3.6 and 2.3.6.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter to comments.php, a different vector than CVE-2008-3371.
Max CVSS
7.5
EPSS Score
0.77%
Published
2008-09-30
Updated
2017-09-29
Directory traversal vulnerability in install/help.php in TalkBack 2.3.5, and other versions before 2.3.6.2, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the language parameter.
Max CVSS
7.5
EPSS Score
2.55%
Published
2008-07-30
Updated
2017-09-29
2 vulnerabilities found