RSS   Vulnerabilities for 'Awffull'   RSS

2007-06-20
 
CVE-2007-3299

 

 
Cross-site scripting (XSS) vulnerability in AWFFull before 3.7.4, when AllSearchStr (aka the All Search Terms report) is enabled, allows remote attackers to inject arbitrary web script or HTML via a search string.

 
2007-01-25
 
CVE-2007-0510

 

 
Multiple buffer overflows in (1) graphs.c, (2) output.c, and (3) preserve.c in AWFFull 3.7.1 and earlier have unknown impact and attack vectors. NOTE: some of these details are obtained from third party information. NOTE: There may not be any attack vector that crosses privilege boundaries.

 


Copyright 2024, cxsecurity.com

 

Back to Top