MidnightBSD

Advisories for include.cgi

CVE-2005-1295 HIGH

include.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
include.cgi include.cgi *
CVE-2005-1296 HIGH

include.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
include.cgi include.cgi *
CVE-2005-1297 MEDIUM

Cross-site scripting (XSS) vulnerability in the include.cgi script allows remote attackers to inject arbitrary web script or HTML via the argument.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
include.cgi include.cgi *