RSS   Vulnerabilities for 'Phpinv'   RSS

2008-06-13
 
CVE-2008-2695

CWE-22
 
 
Directory traversal vulnerability in entry.php in phpInv 0.8.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter.

 
 
CVE-2008-2694

CWE-79
 
 
Cross-site scripting (XSS) vulnerability in search.php in phpInv 0.8.0 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter.

 

Copyright 2024, cxsecurity.com

 

Back to Top