MidnightBSD

Advisories for gossamer_threads

CVE-2000-0381 MEDIUM

The Gossamer Threads DBMan db.cgi CGI script allows remote attackers to view environmental variables and setup information by referencing a non-existing database in the db parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gossamer_threads dbman 2.0.4
CVE-2005-1492 MEDIUM

Cross-site scripting (XSS) vulnerability in user.cgi in Gossamer Threads Links SQL 2.x and 3.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gossamer_threads gossamer_threads_links-sql 3.0
gossamer_threads gossamer_threads_links 2.2.0
gossamer_threads gossamer_threads_links 2.0