RSS   Vulnerabilities for 'Shoutlive'   RSS

2006-02-28
 
CVE-2006-0941

CWE-Other
 

 
Multiple cross-site scripting (XSS) vulnerabilities in post.php in ShoutLIVE 1.1.0 allow remote attackers to inject arbitrary web script or HTML via certain variables when posting new messages.

 
 
CVE-2006-0940

CWE-Other
 

 
Multiple direct static code injection vulnerabilities in savesettings.php in ShoutLIVE 1.1.0 allow remote attackers to execute arbitrary PHP code via variables that are written to settings.php.

 

 >>> Vendor: Cynical games 2 Products
Shoutlive
Shoutbook


Copyright 2024, cxsecurity.com

 

Back to Top