MidnightBSD

Advisories for adam_webb

CVE-2004-2007 MEDIUM

Cross-site scripting (XSS) vulnerability in modules.php in NukeJokes 1.7 and 2 Beta allows remote attackers to inject arbitrary HTML or web script via the (1) cat parameter in a CatView function or (2) jokeid parameter in a JokeView function.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
adam_webb nukejokes 1.7
adam_webb nukejokes 2.0_beta
CVE-2004-2008 MEDIUM

SQL injection vulnerability in modules.php in NukeJokes 1.7 and 2 Beta allows remote attackers to execute arbitrary SQL via the jokeid parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
adam_webb nukejokes 1.7
adam_webb nukejokes 2.0_beta