RSS   Podatności dla 'Statusnet'   RSS

2020-02-07
 
CVE-2010-4658

CWE-74
 

 
statusnet through 2010 allows attackers to spoof syslog messages via newline injection attacks.

 
2019-11-20
 
CVE-2010-4660

CWE-20
 

 
Unspecified vulnerability in statusnet through 2010 due to the way addslashes are used in SQL string escapes..

 
 
CVE-2010-4659

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in statusnet through 2010 in error message contents.

 
2019-11-12
 
CVE-2011-3370

CWE-79
 

 
statusnet before 0.9.9 has XSS

 
2013-10-11
 
CVE-2013-4137

CWE-89
 

 
Multiple SQL injection vulnerabilities in StatusNet 1.0 before 1.0.2 and 1.1.0 allow remote attackers to execute arbitrary SQL commands via vectors related to user lists and "a particular tag format."

 
2011-09-23
 
CVE-2011-3802

CWE-200
 

 
StatusNet 0.9.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tpl/index.php and certain other files.

 

 >>> Vendor: Status 2 Produkty
Statusnet
React native desktop


Copyright 2024, cxsecurity.com

 

Back to Top