RSS   Vulnerabilities for 'Qwikiwiki'   RSS

2006-03-13
 
CVE-2006-1196

 

 
Multiple cross-site scripting (XSS) vulnerabilities in QwikiWiki 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) from and (2) help parameters to (a) index.php; (3) action, (4) page, (5) debug, (6) help, (7) username, or (8) password parameters to (b) login.php; the (7) help parameter to (c) pageindex.php; or (8) help parameter to (d) recentchanges.php.

 
2006-03-03
 
CVE-2006-0983

CWE-Other
 

 
Cross-site scripting (XSS) vulnerability in index.php in QwikiWiki 1.4 allows remote attackers to inject arbitrary web script or HTML via the page parameter.

 
2006-02-15
 
CVE-2006-0699

 

 
Cross-site scripting (XSS) vulnerability in search.php in QWikiWiki 1.5, and possibly 1.5.1 and other versions, allows remote attackers to inject arbitrary web script or HTML via the query parameter.

 
2005-01-04
 
CVE-2005-0283

 

 
Directory traversal vulnerability in index.php in QwikiWiki allows remote attackers to read arbitrary files via a .. (dot dot) and a %00 at the end of the filename in the page parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top