MidnightBSD

Advisories for gantty

CVE-2006-2892 MEDIUM

Cross-site scripting (XSS) vulnerability in index.php in GANTTy 1.0.3 allows remote attackers to inject arbitrary HTML and web script via the message parameter in a login action.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gantty gantty 1.0.3
CVE-2006-2893 MEDIUM

index.php in GANTTy 1.0.3 allows remote attackers to obtain the full path of the web server via an invalid lang parameter in an authenticate action.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gantty gantty 1.0.3