Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gisle aas libwww-perl 5.800 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2010-2253
lwp-download in libwww-perl prior to 5.835 does not reject downloads to filenames that begin with a . (dot) character, which allows remote servers to create or overwrite files via (1) a 3xx redirect to a URL with a crafted filename or (2) a Content-Disposition header that suggest...