MidnightBSD

Advisories for cgiirc

CVE-2006-2148 HIGH

Multiple buffer overflows in client.c in CGI:IRC (CGIIRC) before 0.5.8 might allow remote attackers to execute arbitrary code via (1) cookies or (2) the query string.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
cgiirc cgiirc 0.5.7
cgiirc cgiirc 0.5.4

CVE-2011-0050 MEDIUM

Cross-site scripting (XSS) vulnerability in the nonjs interface (interfaces/nonjs.pm) in CGI:IRC before 0.5.10 allows remote attackers to inject arbitrary web script or HTML via the R parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79

Products Affected

Vendor Product Version
cgiirc cgi:irc 0.5.4
cgiirc cgi:irc 0.3.3_pre1
cgiirc cgi:irc 0.3.7
cgiirc cgi:irc 0.5.8
cgiirc cgi:irc 0.5
cgiirc cgi:irc 0.3
cgiirc cgi:irc 0.3.3
cgiirc cgi:irc 0.5.5
cgiirc cgi:irc 0.5.2
cgiirc cgi:irc 0.3_pre2
cgiirc cgi:irc 0.4.1
cgiirc cgi:irc 0.2
cgiirc cgi:irc 0.3.5b
cgiirc cgi:irc 0.5.7
cgiirc cgi:irc 0.3.4
cgiirc cgi:irc 0.3.5
cgiirc cgi:irc 0.5.3
cgiirc cgi:irc 0.1
cgiirc cgi:irc 0.3.1
cgiirc cgi:irc 0.3_pre1
cgiirc cgi:irc 0.3.2
cgiirc cgi:irc 0.3.6
cgiirc cgi:irc 0.4.3
cgiirc cgi:irc 0.4
cgiirc cgi:irc 0.4.2
cgiirc cgi:irc *
cgiirc cgi:irc 0.5.1
cgiirc cgi:irc 0.2.1
cgiirc cgi:irc 0.5.6

CVE-2017-8920 MEDIUM

irc.cgi in CGI:IRC before 0.5.12 reflects user-supplied input from the R parameter without proper output encoding, aka XSS.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79

Products Affected

Vendor Product Version
cgiirc cgi:irc *