Produkt Sitekiosk (...) - CVEMAP.ORG

Podatności dla 'Sitekiosk'

2006-12-13

CVE-2006-6510

CWE-Other

An unspecified ActiveX control in SiteKiosk before 6.5.150 is installed "safe for scripting", which allows local users to bypass security protections and read arbitrary files via certain functions.

CVE-2006-6509

CWE-Other

Cross-site scripting (XSS) vulnerability in the skinning feature in SiteKiosk before 6.5.150 allows local users to bypass security protections and inject arbitrary web script or HTML via an ABOUT: URI, which is displayed in the title bar of the browser.

Copyright 2024, cxsecurity.com