Filtered by vendor Craig Drummond
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-7301 | 1 Craig Drummond | 1 Cantata | 2024-02-28 | 5.0 MEDIUM | N/A |
| Cantata before 1.2.2 does not restrict access to files in the play queue, which allows remote attackers to obtain sensitive information by reading the songs in the queue. | |||||
| CVE-2013-7300 | 1 Craig Drummond | 1 Cantata | 2024-02-28 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in cantata before 1.2.2 allows local users to read arbitrary files via a full pathname in a request to the internal httpd server. NOTE: this vulnerability can be leveraged by remote attackers using CVE-2013-7301. | |||||