MidnightBSD

Advisories for teca_scripts

CVE-2006-0729 HIGH

SQL injection vulnerability in functions.php in Teca Diary PE 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) yy, (2) mm, and (3) dd parameters.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
teca_scripts teca_diary personal_1.0
CVE-2006-0776 MEDIUM

Cross-site scripting (XSS) vulnerability in guestex.pl in Teca Scripts Guestex 1.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
teca_scripts guestex 1.0
CVE-2006-0777 HIGH

Unspecified vulnerability in guestex.pl in Teca Scripts Guestex 1.0 allows remote attackers to execute arbitrary shell commands via the email parameter, possibly involving shell metacharacters.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
teca_scripts guestex 1.0