MidnightBSD

Advisories for tru-zone

CVE-2005-1610 MEDIUM

Cross-site scripting (XSS) vulnerability in security.php for Tru-Zone NukeET 3.0 and 3.1 allows remote attackers to inject arbitrary web script or HTML via a base64 encoded Codigo parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
tru-zone nukeet 3.0
tru-zone nukeet 3.1
CVE-2005-3748 HIGH

SQL injection vulnerability in the Search module in Tru-Zone Nuke ET 3.2, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the query parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
tru-zone nukeet 3.0
tru-zone nukeet 3.2
tru-zone nukeet 3.1