RSS   Vulnerabilities for 'Ourvideo cms'   RSS

2008-07-02
 
CVE-2008-2979

CWE-79
 

 
Multiple cross-site scripting (XSS) vulnerabilities in phpi/login.php in Ourvideo CMS 9.5 allow remote attackers to inject arbitrary web script or HTML via the (1) top_page and (2) end_page parameters.

 
 
CVE-2008-2977

CWE-94
 

 
Multiple PHP remote file inclusion vulnerabilities in Ourvideo CMS 9.5 allow remote attackers to execute arbitrary PHP code via a URL in the include_connection parameter to (1) edit_top_feature.php and (2) edit_topics_feature.php in phpi/.

 


Copyright 2024, cxsecurity.com

 

Back to Top