Search criteria
18 vulnerabilities found for ptk by dflabs
FKIE_CVE-2012-1415
Vulnerability from fkie_nvd - Published: 2014-12-28 02:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Cross-site request forgery (CSRF) vulnerability in lib/logout.php in DFLabs PTK 1.0.5 and earlier allows remote attackers to hijack the authentication of administrators or investigators for requests that trigger a logout.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dflabs:ptk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93C7565D-779D-4A39-BA2B-BF6582DD424D",
"versionEndIncluding": "1.0.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in lib/logout.php in DFLabs PTK 1.0.5 and earlier allows remote attackers to hijack the authentication of administrators or investigators for requests that trigger a logout."
},
{
"lang": "es",
"value": "Vulnerabilidad (CSRF) en lib/logout.php en DFLabs PTK 1.0.5 y anteriores permite a atacantes remotos secuestrar la autenticaci\u00f3n de administradores o investigadores en las peticiones logout."
}
],
"id": "CVE-2012-1415",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-12-28T02:59:03.627",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/18513/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/18513/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-5901
Vulnerability from fkie_nvd - Published: 2012-11-17 21:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
DFLabs PTK 1.0.5 stores data files with predictable names under the web document root with insufficient access control, which allows remote attackers to read logs, images, or reports via a direct request to the file in the (1) log, (2) images, or (3) report directory.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dflabs:ptk:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D931069A-26E1-4EBD-9BE2-F7938DF509F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DFLabs PTK 1.0.5 stores data files with predictable names under the web document root with insufficient access control, which allows remote attackers to read logs, images, or reports via a direct request to the file in the (1) log, (2) images, or (3) report directory."
},
{
"lang": "es",
"value": "DFLabs PTK v1.0.almacena archivos de datos con nombres predecibles en el directorio ra\u00edz (document root) de la web con un control de acceso insuficiente, lo que permite a atacantes remotos leer los registros, im\u00e1genes o informes mediante una solicitud dirigida directamente al archivo en los directorios (1) log (2) images \u00f3 (3) report.\r\n"
}
],
"id": "CVE-2012-5901",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-11-17T21:55:04.907",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80773"
},
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.org/files/111360/PTK-1.0.5-Cross-Site-Scripting-Unrestricted-Access.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/48585"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52817"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80773"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.org/files/111360/PTK-1.0.5-Cross-Site-Scripting-Unrestricted-Access.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/48585"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52817"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74491"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-5902
Vulnerability from fkie_nvd - Published: 2012-11-17 21:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in ptk/lib/modal_bookmark.php in DFLabs PTK 1.0.5 allows remote attackers to inject arbitrary web script or HTML via the arg4 parameter.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dflabs:ptk:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D931069A-26E1-4EBD-9BE2-F7938DF509F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in ptk/lib/modal_bookmark.php in DFLabs PTK 1.0.5 allows remote attackers to inject arbitrary web script or HTML via the arg4 parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en ptk/lib/modal_bookmark.php en DFLabs PTK v1.0.5 permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s del par\u00e1metro arg4."
}
],
"id": "CVE-2012-5902",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-11-17T21:55:04.957",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80774"
},
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.org/files/111360/PTK-1.0.5-Cross-Site-Scripting-Unrestricted-Access.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52817"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74492"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80774"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.org/files/111360/PTK-1.0.5-Cross-Site-Scripting-Unrestricted-Access.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52817"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74492"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2008-6793
Vulnerability from fkie_nvd - Published: 2009-05-07 17:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
The get_file_type function in lib/file_content.php in DFLabs PTK 0.1, 0.2, and 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters after an arg1= sequence in a filename within a forensic image.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dflabs:ptk:0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB46681-8F9F-457F-9ACA-72B53CB72720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dflabs:ptk:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F09EE1CC-AA88-4853-A4DA-96788A8A9D16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dflabs:ptk:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9180AA-A197-4BAB-A960-1AC3EF4FAE42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The get_file_type function in lib/file_content.php in DFLabs PTK 0.1, 0.2, and 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters after an arg1= sequence in a filename within a forensic image."
},
{
"lang": "es",
"value": "La funci\u00f3n get_file_type en lib/file_content.php en DFLabs PTK v0.1, v0.2, y v1.0 que permite a los atacantes remotos ejecutar arbitrariamente comandos a trav\u00e9s de un int\u00e9rprete de comandos metacar\u00e1cter despu\u00e9s de una secuencia arg1= en un nombre de fichero con im\u00e1genes forenses."
}
],
"id": "CVE-2008-6793",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-05-07T17:30:03.377",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/49574"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/32553"
},
{
"source": "cve@mitre.org",
"url": "http://www.ikkisoft.com/stuff/LC-2008-07.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/498081/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/32128"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/3020"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46380"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/7001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/49574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32553"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ikkisoft.com/stuff/LC-2008-07.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/498081/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/32128"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/3020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/7001"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2009-0917
Vulnerability from fkie_nvd - Published: 2009-03-16 19:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in DFLabs PTK 1.0.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML by providing a forensic image containing HTML documents, which are rendered in web browsers during inspection by PTK. NOTE: the vendor states that the product is intended for use in a laboratory with "no contact from / to internet."
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dflabs:ptk:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BBFB91D9-2A63-4693-B945-6657CBB3C8CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dflabs:ptk:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7788956-AF55-4AE2-AD75-1E862ED0DF34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dflabs:ptk:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F021F40-6D3C-4577-B0F6-1D53A5836CDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dflabs:ptk:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5C34A4D7-A2DC-4FFC-8F31-A5EB9B297C91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dflabs:ptk:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7DD0A3FF-7218-4CE9-9F0E-A68D1B3D7A07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in DFLabs PTK 1.0.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML by providing a forensic image containing HTML documents, which are rendered in web browsers during inspection by PTK. NOTE: the vendor states that the product is intended for use in a laboratory with \"no contact from / to internet.\""
},
{
"lang": "es",
"value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en DFLabs PTK v1.0.0 hasta v1.0.4 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elecci\u00f3n al proporcionar una imagen forense que contenga documentos HTML, que son visualizados en un navegador web durante la inspecci\u00f3n por PTK. NOTA: el vendedor expone que el producto est\u00e1 previsto para su uso en un laboratorio \"sin contacto desde/hacia Internet\"."
}
],
"id": "CVE-2009-0917",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-03-16T19:30:00.563",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://ptk.dflabs.com/faq.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://ptk.dflabs.com/security.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34257"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/845747"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/RGII-7Q4GBJ"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34111"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49236"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://ptk.dflabs.com/faq.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://ptk.dflabs.com/security.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/845747"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/RGII-7Q4GBJ"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49236"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2009-0918
Vulnerability from fkie_nvd - Published: 2009-03-16 19:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Multiple unspecified vulnerabilities in DFLabs PTK 1.0.0 through 1.0.4 allow remote attackers to execute arbitrary commands in processes launched by PTK's Apache HTTP Server via (1) "external tools" or (2) a crafted forensic image.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://ptk.dflabs.com/faq.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://ptk.dflabs.com/security.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.kb.cert.org/vuls/id/845747 | US Government Resource | |
| cve@mitre.org | http://www.kb.cert.org/vuls/id/RGII-7Q4GBJ | US Government Resource | |
| cve@mitre.org | http://www.securityfocus.com/bid/34111 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/49235 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://ptk.dflabs.com/faq.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://ptk.dflabs.com/security.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/845747 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/RGII-7Q4GBJ | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/34111 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/49235 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dflabs:ptk:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BBFB91D9-2A63-4693-B945-6657CBB3C8CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dflabs:ptk:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7788956-AF55-4AE2-AD75-1E862ED0DF34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dflabs:ptk:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F021F40-6D3C-4577-B0F6-1D53A5836CDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dflabs:ptk:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5C34A4D7-A2DC-4FFC-8F31-A5EB9B297C91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dflabs:ptk:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7DD0A3FF-7218-4CE9-9F0E-A68D1B3D7A07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in DFLabs PTK 1.0.0 through 1.0.4 allow remote attackers to execute arbitrary commands in processes launched by PTK\u0027s Apache HTTP Server via (1) \"external tools\" or (2) a crafted forensic image."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en DFLabs PTK v1.0.0 hasta v1.0.4 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n en los procesos lanzados por el Apache HTTP Server de PTK mediante (1) \"herramientas externas\" o (2) una imagen forense manipulada."
}
],
"id": "CVE-2009-0918",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-03-16T19:30:00.577",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://ptk.dflabs.com/faq.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://ptk.dflabs.com/security.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/845747"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/RGII-7Q4GBJ"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34111"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49235"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://ptk.dflabs.com/faq.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://ptk.dflabs.com/security.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/845747"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/RGII-7Q4GBJ"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49235"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2012-1415 (GCVE-0-2012-1415)
Vulnerability from cvelistv5 – Published: 2014-12-28 02:00 – Updated: 2024-08-06 18:53
VLAI?
Summary
Cross-site request forgery (CSRF) vulnerability in lib/logout.php in DFLabs PTK 1.0.5 and earlier allows remote attackers to hijack the authentication of administrators or investigators for requests that trigger a logout.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:37.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "18513",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/18513/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-02-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in lib/logout.php in DFLabs PTK 1.0.5 and earlier allows remote attackers to hijack the authentication of administrators or investigators for requests that trigger a logout."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-12-28T02:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "18513",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/18513/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1415",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in lib/logout.php in DFLabs PTK 1.0.5 and earlier allows remote attackers to hijack the authentication of administrators or investigators for requests that trigger a logout."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18513",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/18513/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1415",
"datePublished": "2014-12-28T02:00:00",
"dateReserved": "2012-02-28T00:00:00",
"dateUpdated": "2024-08-06T18:53:37.295Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-5901 (GCVE-0-2012-5901)
Vulnerability from cvelistv5 – Published: 2012-11-17 21:00 – Updated: 2024-08-06 21:21
VLAI?
Summary
DFLabs PTK 1.0.5 stores data files with predictable names under the web document root with insufficient access control, which allows remote attackers to read logs, images, or reports via a direct request to the file in the (1) log, (2) images, or (3) report directory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:21:27.740Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.org/files/111360/PTK-1.0.5-Cross-Site-Scripting-Unrestricted-Access.html"
},
{
"name": "52817",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52817"
},
{
"name": "ptk-info-disclosure(74491)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74491"
},
{
"name": "48585",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48585"
},
{
"name": "80773",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80773"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "DFLabs PTK 1.0.5 stores data files with predictable names under the web document root with insufficient access control, which allows remote attackers to read logs, images, or reports via a direct request to the file in the (1) log, (2) images, or (3) report directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.org/files/111360/PTK-1.0.5-Cross-Site-Scripting-Unrestricted-Access.html"
},
{
"name": "52817",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52817"
},
{
"name": "ptk-info-disclosure(74491)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74491"
},
{
"name": "48585",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48585"
},
{
"name": "80773",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80773"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5901",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "DFLabs PTK 1.0.5 stores data files with predictable names under the web document root with insufficient access control, which allows remote attackers to read logs, images, or reports via a direct request to the file in the (1) log, (2) images, or (3) report directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.org/files/111360/PTK-1.0.5-Cross-Site-Scripting-Unrestricted-Access.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/files/111360/PTK-1.0.5-Cross-Site-Scripting-Unrestricted-Access.html"
},
{
"name": "52817",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52817"
},
{
"name": "ptk-info-disclosure(74491)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74491"
},
{
"name": "48585",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48585"
},
{
"name": "80773",
"refsource": "OSVDB",
"url": "http://osvdb.org/80773"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-5901",
"datePublished": "2012-11-17T21:00:00",
"dateReserved": "2012-11-17T00:00:00",
"dateUpdated": "2024-08-06T21:21:27.740Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-5902 (GCVE-0-2012-5902)
Vulnerability from cvelistv5 – Published: 2012-11-17 21:00 – Updated: 2024-08-06 21:21
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in ptk/lib/modal_bookmark.php in DFLabs PTK 1.0.5 allows remote attackers to inject arbitrary web script or HTML via the arg4 parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:21:27.938Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.org/files/111360/PTK-1.0.5-Cross-Site-Scripting-Unrestricted-Access.html"
},
{
"name": "52817",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52817"
},
{
"name": "ptk-modalbookmark-xss(74492)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74492"
},
{
"name": "80774",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80774"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in ptk/lib/modal_bookmark.php in DFLabs PTK 1.0.5 allows remote attackers to inject arbitrary web script or HTML via the arg4 parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.org/files/111360/PTK-1.0.5-Cross-Site-Scripting-Unrestricted-Access.html"
},
{
"name": "52817",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52817"
},
{
"name": "ptk-modalbookmark-xss(74492)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74492"
},
{
"name": "80774",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80774"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5902",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in ptk/lib/modal_bookmark.php in DFLabs PTK 1.0.5 allows remote attackers to inject arbitrary web script or HTML via the arg4 parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.org/files/111360/PTK-1.0.5-Cross-Site-Scripting-Unrestricted-Access.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/files/111360/PTK-1.0.5-Cross-Site-Scripting-Unrestricted-Access.html"
},
{
"name": "52817",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52817"
},
{
"name": "ptk-modalbookmark-xss(74492)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74492"
},
{
"name": "80774",
"refsource": "OSVDB",
"url": "http://osvdb.org/80774"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-5902",
"datePublished": "2012-11-17T21:00:00",
"dateReserved": "2012-11-17T00:00:00",
"dateUpdated": "2024-08-06T21:21:27.938Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-6793 (GCVE-0-2008-6793)
Vulnerability from cvelistv5 – Published: 2009-05-07 17:00 – Updated: 2024-08-07 11:42
VLAI?
Summary
The get_file_type function in lib/file_content.php in DFLabs PTK 0.1, 0.2, and 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters after an arg1= sequence in a filename within a forensic image.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:42:00.751Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ikkisoft.com/stuff/LC-2008-07.txt"
},
{
"name": "ADV-2008-3020",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3020"
},
{
"name": "49574",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/49574"
},
{
"name": "20081105 DFLabs PTK Forensic Local Command Execution Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/498081/100/0/threaded"
},
{
"name": "32553",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32553"
},
{
"name": "7001",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/7001"
},
{
"name": "ptk-getfiletype-command-execution(46380)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46380"
},
{
"name": "32128",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32128"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The get_file_type function in lib/file_content.php in DFLabs PTK 0.1, 0.2, and 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters after an arg1= sequence in a filename within a forensic image."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ikkisoft.com/stuff/LC-2008-07.txt"
},
{
"name": "ADV-2008-3020",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3020"
},
{
"name": "49574",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/49574"
},
{
"name": "20081105 DFLabs PTK Forensic Local Command Execution Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/498081/100/0/threaded"
},
{
"name": "32553",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32553"
},
{
"name": "7001",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/7001"
},
{
"name": "ptk-getfiletype-command-execution(46380)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46380"
},
{
"name": "32128",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32128"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6793",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The get_file_type function in lib/file_content.php in DFLabs PTK 0.1, 0.2, and 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters after an arg1= sequence in a filename within a forensic image."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ikkisoft.com/stuff/LC-2008-07.txt",
"refsource": "MISC",
"url": "http://www.ikkisoft.com/stuff/LC-2008-07.txt"
},
{
"name": "ADV-2008-3020",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3020"
},
{
"name": "49574",
"refsource": "OSVDB",
"url": "http://osvdb.org/49574"
},
{
"name": "20081105 DFLabs PTK Forensic Local Command Execution Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/498081/100/0/threaded"
},
{
"name": "32553",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32553"
},
{
"name": "7001",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7001"
},
{
"name": "ptk-getfiletype-command-execution(46380)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46380"
},
{
"name": "32128",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32128"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6793",
"datePublished": "2009-05-07T17:00:00",
"dateReserved": "2009-05-07T00:00:00",
"dateUpdated": "2024-08-07T11:42:00.751Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0918 (GCVE-0-2009-0918)
Vulnerability from cvelistv5 – Published: 2009-03-16 19:00 – Updated: 2024-08-07 04:57
VLAI?
Summary
Multiple unspecified vulnerabilities in DFLabs PTK 1.0.0 through 1.0.4 allow remote attackers to execute arbitrary commands in processes launched by PTK's Apache HTTP Server via (1) "external tools" or (2) a crafted forensic image.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:57:16.412Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/RGII-7Q4GBJ"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://ptk.dflabs.com/faq.html"
},
{
"name": "VU#845747",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/845747"
},
{
"name": "34111",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34111"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://ptk.dflabs.com/security.html"
},
{
"name": "ptk-unspecified-command-execution(49235)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49235"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in DFLabs PTK 1.0.0 through 1.0.4 allow remote attackers to execute arbitrary commands in processes launched by PTK\u0027s Apache HTTP Server via (1) \"external tools\" or (2) a crafted forensic image."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/RGII-7Q4GBJ"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://ptk.dflabs.com/faq.html"
},
{
"name": "VU#845747",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/845747"
},
{
"name": "34111",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34111"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://ptk.dflabs.com/security.html"
},
{
"name": "ptk-unspecified-command-execution(49235)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49235"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0918",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in DFLabs PTK 1.0.0 through 1.0.4 allow remote attackers to execute arbitrary commands in processes launched by PTK\u0027s Apache HTTP Server via (1) \"external tools\" or (2) a crafted forensic image."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.kb.cert.org/vuls/id/RGII-7Q4GBJ",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/RGII-7Q4GBJ"
},
{
"name": "http://ptk.dflabs.com/faq.html",
"refsource": "CONFIRM",
"url": "http://ptk.dflabs.com/faq.html"
},
{
"name": "VU#845747",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/845747"
},
{
"name": "34111",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34111"
},
{
"name": "http://ptk.dflabs.com/security.html",
"refsource": "CONFIRM",
"url": "http://ptk.dflabs.com/security.html"
},
{
"name": "ptk-unspecified-command-execution(49235)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49235"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0918",
"datePublished": "2009-03-16T19:00:00",
"dateReserved": "2009-03-16T00:00:00",
"dateUpdated": "2024-08-07T04:57:16.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0917 (GCVE-0-2009-0917)
Vulnerability from cvelistv5 – Published: 2009-03-16 19:00 – Updated: 2024-08-07 04:57
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in DFLabs PTK 1.0.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML by providing a forensic image containing HTML documents, which are rendered in web browsers during inspection by PTK. NOTE: the vendor states that the product is intended for use in a laboratory with "no contact from / to internet."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:57:16.413Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ptk.dflabs.com/security.html"
},
{
"name": "34257",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34257"
},
{
"name": "VU#845747",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/845747"
},
{
"name": "34111",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34111"
},
{
"name": "ptk-unspecified-xss(49236)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49236"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ptk.dflabs.com/faq.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/RGII-7Q4GBJ"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in DFLabs PTK 1.0.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML by providing a forensic image containing HTML documents, which are rendered in web browsers during inspection by PTK. NOTE: the vendor states that the product is intended for use in a laboratory with \"no contact from / to internet.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ptk.dflabs.com/security.html"
},
{
"name": "34257",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34257"
},
{
"name": "VU#845747",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/845747"
},
{
"name": "34111",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34111"
},
{
"name": "ptk-unspecified-xss(49236)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49236"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ptk.dflabs.com/faq.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.kb.cert.org/vuls/id/RGII-7Q4GBJ"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0917",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in DFLabs PTK 1.0.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML by providing a forensic image containing HTML documents, which are rendered in web browsers during inspection by PTK. NOTE: the vendor states that the product is intended for use in a laboratory with \"no contact from / to internet.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://ptk.dflabs.com/security.html",
"refsource": "MISC",
"url": "http://ptk.dflabs.com/security.html"
},
{
"name": "34257",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34257"
},
{
"name": "VU#845747",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/845747"
},
{
"name": "34111",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34111"
},
{
"name": "ptk-unspecified-xss(49236)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49236"
},
{
"name": "http://ptk.dflabs.com/faq.html",
"refsource": "MISC",
"url": "http://ptk.dflabs.com/faq.html"
},
{
"name": "http://www.kb.cert.org/vuls/id/RGII-7Q4GBJ",
"refsource": "MISC",
"url": "http://www.kb.cert.org/vuls/id/RGII-7Q4GBJ"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0917",
"datePublished": "2009-03-16T19:00:00",
"dateReserved": "2009-03-16T00:00:00",
"dateUpdated": "2024-08-07T04:57:16.413Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1415 (GCVE-0-2012-1415)
Vulnerability from nvd – Published: 2014-12-28 02:00 – Updated: 2024-08-06 18:53
VLAI?
Summary
Cross-site request forgery (CSRF) vulnerability in lib/logout.php in DFLabs PTK 1.0.5 and earlier allows remote attackers to hijack the authentication of administrators or investigators for requests that trigger a logout.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:37.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "18513",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/18513/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-02-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in lib/logout.php in DFLabs PTK 1.0.5 and earlier allows remote attackers to hijack the authentication of administrators or investigators for requests that trigger a logout."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-12-28T02:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "18513",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/18513/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1415",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in lib/logout.php in DFLabs PTK 1.0.5 and earlier allows remote attackers to hijack the authentication of administrators or investigators for requests that trigger a logout."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18513",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/18513/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1415",
"datePublished": "2014-12-28T02:00:00",
"dateReserved": "2012-02-28T00:00:00",
"dateUpdated": "2024-08-06T18:53:37.295Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-5901 (GCVE-0-2012-5901)
Vulnerability from nvd – Published: 2012-11-17 21:00 – Updated: 2024-08-06 21:21
VLAI?
Summary
DFLabs PTK 1.0.5 stores data files with predictable names under the web document root with insufficient access control, which allows remote attackers to read logs, images, or reports via a direct request to the file in the (1) log, (2) images, or (3) report directory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:21:27.740Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.org/files/111360/PTK-1.0.5-Cross-Site-Scripting-Unrestricted-Access.html"
},
{
"name": "52817",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52817"
},
{
"name": "ptk-info-disclosure(74491)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74491"
},
{
"name": "48585",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48585"
},
{
"name": "80773",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80773"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "DFLabs PTK 1.0.5 stores data files with predictable names under the web document root with insufficient access control, which allows remote attackers to read logs, images, or reports via a direct request to the file in the (1) log, (2) images, or (3) report directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.org/files/111360/PTK-1.0.5-Cross-Site-Scripting-Unrestricted-Access.html"
},
{
"name": "52817",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52817"
},
{
"name": "ptk-info-disclosure(74491)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74491"
},
{
"name": "48585",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48585"
},
{
"name": "80773",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80773"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5901",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "DFLabs PTK 1.0.5 stores data files with predictable names under the web document root with insufficient access control, which allows remote attackers to read logs, images, or reports via a direct request to the file in the (1) log, (2) images, or (3) report directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.org/files/111360/PTK-1.0.5-Cross-Site-Scripting-Unrestricted-Access.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/files/111360/PTK-1.0.5-Cross-Site-Scripting-Unrestricted-Access.html"
},
{
"name": "52817",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52817"
},
{
"name": "ptk-info-disclosure(74491)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74491"
},
{
"name": "48585",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48585"
},
{
"name": "80773",
"refsource": "OSVDB",
"url": "http://osvdb.org/80773"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-5901",
"datePublished": "2012-11-17T21:00:00",
"dateReserved": "2012-11-17T00:00:00",
"dateUpdated": "2024-08-06T21:21:27.740Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-5902 (GCVE-0-2012-5902)
Vulnerability from nvd – Published: 2012-11-17 21:00 – Updated: 2024-08-06 21:21
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in ptk/lib/modal_bookmark.php in DFLabs PTK 1.0.5 allows remote attackers to inject arbitrary web script or HTML via the arg4 parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:21:27.938Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.org/files/111360/PTK-1.0.5-Cross-Site-Scripting-Unrestricted-Access.html"
},
{
"name": "52817",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52817"
},
{
"name": "ptk-modalbookmark-xss(74492)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74492"
},
{
"name": "80774",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80774"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in ptk/lib/modal_bookmark.php in DFLabs PTK 1.0.5 allows remote attackers to inject arbitrary web script or HTML via the arg4 parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.org/files/111360/PTK-1.0.5-Cross-Site-Scripting-Unrestricted-Access.html"
},
{
"name": "52817",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52817"
},
{
"name": "ptk-modalbookmark-xss(74492)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74492"
},
{
"name": "80774",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80774"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5902",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in ptk/lib/modal_bookmark.php in DFLabs PTK 1.0.5 allows remote attackers to inject arbitrary web script or HTML via the arg4 parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.org/files/111360/PTK-1.0.5-Cross-Site-Scripting-Unrestricted-Access.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/files/111360/PTK-1.0.5-Cross-Site-Scripting-Unrestricted-Access.html"
},
{
"name": "52817",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52817"
},
{
"name": "ptk-modalbookmark-xss(74492)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74492"
},
{
"name": "80774",
"refsource": "OSVDB",
"url": "http://osvdb.org/80774"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-5902",
"datePublished": "2012-11-17T21:00:00",
"dateReserved": "2012-11-17T00:00:00",
"dateUpdated": "2024-08-06T21:21:27.938Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-6793 (GCVE-0-2008-6793)
Vulnerability from nvd – Published: 2009-05-07 17:00 – Updated: 2024-08-07 11:42
VLAI?
Summary
The get_file_type function in lib/file_content.php in DFLabs PTK 0.1, 0.2, and 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters after an arg1= sequence in a filename within a forensic image.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:42:00.751Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ikkisoft.com/stuff/LC-2008-07.txt"
},
{
"name": "ADV-2008-3020",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3020"
},
{
"name": "49574",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/49574"
},
{
"name": "20081105 DFLabs PTK Forensic Local Command Execution Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/498081/100/0/threaded"
},
{
"name": "32553",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32553"
},
{
"name": "7001",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/7001"
},
{
"name": "ptk-getfiletype-command-execution(46380)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46380"
},
{
"name": "32128",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32128"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The get_file_type function in lib/file_content.php in DFLabs PTK 0.1, 0.2, and 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters after an arg1= sequence in a filename within a forensic image."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ikkisoft.com/stuff/LC-2008-07.txt"
},
{
"name": "ADV-2008-3020",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3020"
},
{
"name": "49574",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/49574"
},
{
"name": "20081105 DFLabs PTK Forensic Local Command Execution Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/498081/100/0/threaded"
},
{
"name": "32553",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32553"
},
{
"name": "7001",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/7001"
},
{
"name": "ptk-getfiletype-command-execution(46380)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46380"
},
{
"name": "32128",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32128"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6793",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The get_file_type function in lib/file_content.php in DFLabs PTK 0.1, 0.2, and 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters after an arg1= sequence in a filename within a forensic image."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ikkisoft.com/stuff/LC-2008-07.txt",
"refsource": "MISC",
"url": "http://www.ikkisoft.com/stuff/LC-2008-07.txt"
},
{
"name": "ADV-2008-3020",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3020"
},
{
"name": "49574",
"refsource": "OSVDB",
"url": "http://osvdb.org/49574"
},
{
"name": "20081105 DFLabs PTK Forensic Local Command Execution Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/498081/100/0/threaded"
},
{
"name": "32553",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32553"
},
{
"name": "7001",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7001"
},
{
"name": "ptk-getfiletype-command-execution(46380)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46380"
},
{
"name": "32128",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32128"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6793",
"datePublished": "2009-05-07T17:00:00",
"dateReserved": "2009-05-07T00:00:00",
"dateUpdated": "2024-08-07T11:42:00.751Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0918 (GCVE-0-2009-0918)
Vulnerability from nvd – Published: 2009-03-16 19:00 – Updated: 2024-08-07 04:57
VLAI?
Summary
Multiple unspecified vulnerabilities in DFLabs PTK 1.0.0 through 1.0.4 allow remote attackers to execute arbitrary commands in processes launched by PTK's Apache HTTP Server via (1) "external tools" or (2) a crafted forensic image.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:57:16.412Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/RGII-7Q4GBJ"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://ptk.dflabs.com/faq.html"
},
{
"name": "VU#845747",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/845747"
},
{
"name": "34111",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34111"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://ptk.dflabs.com/security.html"
},
{
"name": "ptk-unspecified-command-execution(49235)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49235"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in DFLabs PTK 1.0.0 through 1.0.4 allow remote attackers to execute arbitrary commands in processes launched by PTK\u0027s Apache HTTP Server via (1) \"external tools\" or (2) a crafted forensic image."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/RGII-7Q4GBJ"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://ptk.dflabs.com/faq.html"
},
{
"name": "VU#845747",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/845747"
},
{
"name": "34111",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34111"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://ptk.dflabs.com/security.html"
},
{
"name": "ptk-unspecified-command-execution(49235)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49235"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0918",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in DFLabs PTK 1.0.0 through 1.0.4 allow remote attackers to execute arbitrary commands in processes launched by PTK\u0027s Apache HTTP Server via (1) \"external tools\" or (2) a crafted forensic image."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.kb.cert.org/vuls/id/RGII-7Q4GBJ",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/RGII-7Q4GBJ"
},
{
"name": "http://ptk.dflabs.com/faq.html",
"refsource": "CONFIRM",
"url": "http://ptk.dflabs.com/faq.html"
},
{
"name": "VU#845747",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/845747"
},
{
"name": "34111",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34111"
},
{
"name": "http://ptk.dflabs.com/security.html",
"refsource": "CONFIRM",
"url": "http://ptk.dflabs.com/security.html"
},
{
"name": "ptk-unspecified-command-execution(49235)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49235"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0918",
"datePublished": "2009-03-16T19:00:00",
"dateReserved": "2009-03-16T00:00:00",
"dateUpdated": "2024-08-07T04:57:16.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0917 (GCVE-0-2009-0917)
Vulnerability from nvd – Published: 2009-03-16 19:00 – Updated: 2024-08-07 04:57
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in DFLabs PTK 1.0.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML by providing a forensic image containing HTML documents, which are rendered in web browsers during inspection by PTK. NOTE: the vendor states that the product is intended for use in a laboratory with "no contact from / to internet."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:57:16.413Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ptk.dflabs.com/security.html"
},
{
"name": "34257",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34257"
},
{
"name": "VU#845747",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/845747"
},
{
"name": "34111",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34111"
},
{
"name": "ptk-unspecified-xss(49236)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49236"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ptk.dflabs.com/faq.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/RGII-7Q4GBJ"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in DFLabs PTK 1.0.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML by providing a forensic image containing HTML documents, which are rendered in web browsers during inspection by PTK. NOTE: the vendor states that the product is intended for use in a laboratory with \"no contact from / to internet.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ptk.dflabs.com/security.html"
},
{
"name": "34257",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34257"
},
{
"name": "VU#845747",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/845747"
},
{
"name": "34111",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34111"
},
{
"name": "ptk-unspecified-xss(49236)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49236"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ptk.dflabs.com/faq.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.kb.cert.org/vuls/id/RGII-7Q4GBJ"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0917",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in DFLabs PTK 1.0.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML by providing a forensic image containing HTML documents, which are rendered in web browsers during inspection by PTK. NOTE: the vendor states that the product is intended for use in a laboratory with \"no contact from / to internet.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://ptk.dflabs.com/security.html",
"refsource": "MISC",
"url": "http://ptk.dflabs.com/security.html"
},
{
"name": "34257",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34257"
},
{
"name": "VU#845747",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/845747"
},
{
"name": "34111",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34111"
},
{
"name": "ptk-unspecified-xss(49236)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49236"
},
{
"name": "http://ptk.dflabs.com/faq.html",
"refsource": "MISC",
"url": "http://ptk.dflabs.com/faq.html"
},
{
"name": "http://www.kb.cert.org/vuls/id/RGII-7Q4GBJ",
"refsource": "MISC",
"url": "http://www.kb.cert.org/vuls/id/RGII-7Q4GBJ"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0917",
"datePublished": "2009-03-16T19:00:00",
"dateReserved": "2009-03-16T00:00:00",
"dateUpdated": "2024-08-07T04:57:16.413Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}