RSS   Podatności dla 'Super link exchange script'   RSS

2007-02-22
 
CVE-2006-7035

CWE-Other
 

 
Directory traversal vulnerability in make_thumbnail.php in Super Link Exchange Script 1.0 allows remote attackers to read arbitrary files via ".." sequences in the imgpath parameter.

 
 
CVE-2006-7034

CWE-Other
 

 
SQL injection vulnerability in directory.php in Super Link Exchange Script 1.0 might allow remote attackers to execute arbitrary SQL queries via the cat parameter.

 
 
CVE-2006-7033

CWE-Other
 

 
Cross-site scripting (XSS) vulnerability in Super Link Exchange Script 1.0 allows remote attackers to inject arbitrary web script or HTML via IMG tags in the search box.

 


Copyright 2024, cxsecurity.com

 

Back to Top