MidnightBSD

Advisories for al-caricatier

CVE-2005-4653 MEDIUM

Unspecified vulnerability in ss.php in AL-Caricatier 2.5 and earlier allows remote attackers to bypass login authentication by requesting view_caricatier.php, and then requesting any file in the admin directory with a cookie_username=admin argument.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
al-caricatier al-caricatier 2.5
al-caricatier al-caricatier 1.0
CVE-2006-1556 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in view_caricatier.php in AL-Caricatier 2.5 allow remote attackers to inject arbitrary web script or HTML via the (1) CatName, (2) CaricatierID, or (3) CatID parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
al-caricatier al-caricatier 2.5