Technote

CVEs (4)

CVE	Risk	CVSS	EPSS	Published	Description
CVE-2009-0441	0.03	—	0.03	Feb 10, 2009	PHP remote file inclusion vulnerability in skin_shop/standard/2_view_body/body_default.php in TECHNOTE 7.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the shop_this_skin_path parameter, a different vector than CVE-2008-4138.
CVE-2008-4138	0.03	—	0.04	Sep 24, 2008	PHP remote file inclusion vulnerability in skin_shop/standard/3_plugin_twindow/twindow_notice.php in TECHNOTE 7 allows remote attackers to execute arbitrary PHP code via a URL in the shop_this_skin_path parameter.
CVE-2001-0074	0.03	—	0.04	Feb 12, 2001	Directory traversal vulnerability in print.cgi in Technote allows remote attackers to read arbitrary files via a .. (dot dot) attack in the board parameter.
CVE-2001-0075	0.03	—	0.03	Feb 12, 2001	Directory traversal vulnerability in main.cgi in Technote allows remote attackers to read arbitrary files via a .. (dot dot) attack in the filename parameter.

CVE-2009-0441Feb 10, 2009
risk 0.03cvss —epss 0.03
PHP remote file inclusion vulnerability in skin_shop/standard/2_view_body/body_default.php in TECHNOTE 7.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the shop_this_skin_path parameter, a different vector than CVE-2008-4138.
CVE-2008-4138Sep 24, 2008
risk 0.03cvss —epss 0.04
PHP remote file inclusion vulnerability in skin_shop/standard/3_plugin_twindow/twindow_notice.php in TECHNOTE 7 allows remote attackers to execute arbitrary PHP code via a URL in the shop_this_skin_path parameter.
CVE-2001-0074Feb 12, 2001
risk 0.03cvss —epss 0.04
Directory traversal vulnerability in print.cgi in Technote allows remote attackers to read arbitrary files via a .. (dot dot) attack in the board parameter.
CVE-2001-0075Feb 12, 2001
risk 0.03cvss —epss 0.03
Directory traversal vulnerability in main.cgi in Technote allows remote attackers to read arbitrary files via a .. (dot dot) attack in the filename parameter.