RSS   Vulnerabilities for 'Singapore'   RSS

2008-01-23
 
CVE-2008-0400

CWE-79
 
 
Cross-site scripting (XSS) vulnerability in header.tpl.php in the modern template for Singapore 0.10.1 allows remote attackers to inject arbitrary web script or HTML via the gallery parameter to default.php.

 
2006-06-22
 
CVE-2006-3196

CWE-Other
 
 
index.php in singapore 0.10.0 and earlier allows remote attackers to obtain the installation path via an invalid template parameter, which reveals the path in an error message.

 
 
CVE-2006-3195

CWE-Other
 
 
Cross-site scripting (XSS) vulnerability in index.php in singapore 0.10.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the template parameter.

 
 
CVE-2006-3194

CWE-Other
 
 
Directory traversal vulnerability in index.php in singapore 0.10.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) sequence and trailing null (%00) byte in the (1) gallery and (2) template parameter.

 
2006-05-09
 
CVE-2006-2262

CWE-Other
 
 
Cross-site scripting (XSS) vulnerability in index.php in singapore 0.9.7 allows remote attackers to inject arbitrary web script or HTML via the image parameter.

 
2005-06-12
 
CVE-2005-1955

 
 
Cross-site scripting (XSS) vulnerability in index.php in singapore 0.9.11 allows remote attackers to inject arbitrary web script or HTML via the gallery parameter.

 
2005-06-16
 
CVE-2005-1954

 
 
singapore 0.9.11 allows remote attackers to obtain sensitive information via a direct request to (1) admin.class.php, (2) any .tpl.php file in templates/admin_default/, or (3) any .tpl.php file in templates/default/, which reveal the path in an error message.

 

 >>> Vendor: Singapore 2 Products
Image gallery web application
Singapore

Copyright 2024, cxsecurity.com

 

Back to Top