RSS   Podatności dla 'Particle links'   RSS

2006-06-08
 
CVE-2006-2905

CWE-Other
 

 
Partial Links 1.2.2 allows remote attackers to obtain sensitive information via a direct request to (1) page_footer.php and (2) page_header.php, which displays the path in an error message.

 
 
CVE-2006-2904

CWE-Other
 

 
SQL injection vulnerability in index.php in Partial Links 1.2.2 allows remote attackers to execute arbitrary SQL commands via the topic parameter.

 
 
CVE-2006-2903

CWE-Other
 

 
Cross-site scripting (XSS) vulnerability in admin.php in Particle Links 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the username parameter.

 
 
CVE-2006-2902

CWE-Other
 

 
Directory traversal vulnerability in Particle Links 1.2.2 might allow remote attackers to access arbitrary files via ".." sequences in an HTTP request. NOTE: it is not clear whether this issue is legitimate, as the original researcher seems unsure.

 

 >>> Vendor: Particle soft 4 Produkty
Particle wiki
Particle gallery
Particle links
Particle whois


Copyright 2024, cxsecurity.com

 

Back to Top