Vulnerabilities for Dynaliens (...) - CXSECURITY.COM

Vulnerabilities for 'Dynaliens'

2007-03-10

CVE-2007-1390

CWE-Other

Multiple cross-site scripting (XSS) vulnerabilities in dynaliens 2.0 and 2.1 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) recherche.php3 or (2) ajouter.php3.

CVE-2007-1389

CWE-Other

dynaliens 2.0 and 2.1 allows remote attackers to bypass authentication and perform certain privileged actions via a direct request for (1) validlien.php3 (2) supprlien.php3 (3) supprub.php3 (4) validlien.php3 (5) confsuppr.php3 (6) modiflien.php3, or (7) confmodif.php3 in admin/.

Copyright 2024, cxsecurity.com