RSS   Vulnerabilities for 'Artmedic weblog'   RSS

2008-02-15
 
CVE-2008-0798

CWE-22
 

 
Multiple directory traversal vulnerabilities in artmedic webdesign weblog 1.0, when magic_quotes_gpc is disabled, allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) ta parameter to artmedic_index.php, reached through index.php; and the (2) date parameter to artmedic_print.php.

 
2008-02-13
 
CVE-2008-0765

CWE-79
 

 
Multiple cross-site scripting (XSS) vulnerabilities in artmedic webdesign weblog allow remote attackers to inject arbitrary web script or HTML via the (1) date parameter to artmedic_print.php and the (2) jahrneu parameter to index.php.

 

 >>> Vendor: Artmedic webdesign 5 Products
Artmedic links
Artmedic event
Artmedic newsletter
Artmedic cms
Artmedic weblog


Copyright 2024, cxsecurity.com

 

Back to Top