RSS   Vulnerabilities for 'Actualanalyzer lite'   RSS

2008-06-03
 
CVE-2008-2527

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in view.php in ActualScripts ActualAnalyzer Server 8.37 and earlier, ActualAnalyzer Gold 7.74 and earlier, ActualAnalyzer Pro 6.95 and earlier, and ActualAnalyzer Lite 2.78 and earlier allows remote attackers to inject arbitrary web script or HTML via the language parameter.

 
2008-05-05
 
CVE-2008-2076

CWE-22
 

 
Directory traversal vulnerability in admin.php in ActualScripts ActualAnalyzer Lite 2.78 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the style parameter.

 

 >>> Vendor: Actualscripts 5 Products
Actualanalyzer
Actualanalyzer lite
Actualanalyzer gold
Actualanalyzer pro
Actualanalyzer server


Copyright 2017, cxsecurity.com