MidnightBSD

Advisories for inserter.cgi

CVE-2005-1298 HIGH

The inserter.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
inserter.cgi inserter.cgi *
CVE-2005-1300 MEDIUM

Cross-site scripting (XSS) vulnerability in the inserter.cgi script allows remote attackers to inject arbitrary web script or HTML via the argument.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
inserter.cgi inserter.cgi *