RSS   Vulnerabilities for 'Talkback'   RSS

2010-05-26
 
CVE-2009-4874

CWE-264
 

 
TalkBack 2.3.14 does not properly restrict access to the edit comment feature (comments.php), which allows remote attackers to modify comments.

 
2010-05-07
 
CVE-2009-4854

CWE-20
 

 
addons/import.php in TalkBack 2.3.14 allows remote attackers to execute arbitrary commands via the result parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top