RSS   Vulnerabilities for 'Directtopics'   RSS

2005-05-14
 
CVE-2005-1569

 

 
Cross-site scripting (XSS) vulnerability in DirectTopics 2.1 and 2.2 allows remote attackers to inject arbitrary web script via a javascript: URL in (1) a thread or (2) an IMG tag.

 
2005-05-12
 
CVE-2005-1568

 

 
topic.php in DirectTopics 2.1 and 2.2 allows remote attackers to obtain sensitive information via an invalid topic parameter, which reveals the path in an error message.

 
 
CVE-2005-1567

 

 
SQL injection vulnerability in topic.php in DirectTopics 2.1 and 2.2 allows remote attackers to execute arbitrary SQL commands via the topic parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top