Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:livetecs:timeline:6.0.1:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2014-2042 |
Unrestricted file upload vulnerability in the Manage Project functionality in Livetecs Timelive before 6.5.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in a predictable directory in Uploads/. Published: April 28, 2014; 10:09:06 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2014-1217 |
Livetecs Timelive before 6.2.8 does not properly restrict access to systemsetting.aspx, which allows remote attackers to change configurations and obtain the database connection string and credentials via unspecified vectors. Published: April 28, 2014; 10:09:06 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.5 HIGH |