Lucene search
K

73 matches found

CVE
CVE
added 2009/05/26 4:0 p.m.40 views

CVE-2009-1790

CVE-2009-1790 affects Trees from CGI RESCUE (before v2.11). The root cause is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary script/HTML via unspecified parameters. Impact: arbitrary script execution in affected users’ browsers. Affected: Trees v2.10 and earlie...

4.3CVSS5.9AI score0.01263EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2009/05/26 4:0 p.m.22 views

CVE-2009-1790

Cross-site scripting XSS vulnerability in CGI RESCUE Trees before 2.11 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters...

5.7AI score0.01263EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/05/18 12:0 a.m.27 views

JVN#28521500 Trees from CGI RESCUE vulnerable to cross-site scripting

Trees, a web log system from CGI RESCUE, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provided by the developer. Products Affected Trees...

4.3CVSS5.9AI score0.01263EPSS
Exploits0
NVD
NVD
added 2009/05/08 6:30 p.m.22 views

CVE-2009-1589

Unspecified vulnerability in CGI RESCUE MiniBBS22 before 1.01 allows remote attackers to send email to arbitrary recipients via unknown vectors...

5CVSS6.8AI score0.01173EPSS
Exploits0References3
NVD
NVD
added 2009/05/08 6:30 p.m.20 views

CVE-2009-1591

CRLF injection vulnerability in CGI RESCUE Web Mailer before 1.04 allows remote attackers to inject arbitrary HTTP headers, and conduct cross-site scripting XSS or HTTP response splitting attacks, via CRLF sequences in an unspecified web form...

4.3CVSS6.2AI score0.01065EPSS
Exploits0References5
NVD
NVD
added 2009/05/08 6:30 p.m.17 views

CVE-2009-1588

Cross-site scripting XSS vulnerability in CGI RESCUE MiniBBS 8t before 8.95t, 8 before 8.95, 9 before 9.08, and 10 before 10.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.01223EPSS
Exploits0References6
Prion
Prion
added 2009/05/08 6:30 p.m.15 views

Crlf injection

CRLF injection vulnerability in CGI RESCUE Web Mailer before 1.04 allows remote attackers to inject arbitrary HTTP headers, and conduct cross-site scripting XSS or HTTP response splitting attacks, via CRLF sequences in an unspecified web form...

4.3CVSS6.3AI score0.01065EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2009/05/08 6:30 p.m.17 views

Design/Logic Flaw

Unspecified vulnerability in CGI RESCUE MiniBBS22 before 1.01 allows remote attackers to send email to arbitrary recipients via unknown vectors...

5CVSS7.2AI score0.01173EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2009/05/08 6:30 p.m.19 views

Cross site scripting

Cross-site scripting XSS vulnerability in CGI RESCUE MiniBBS 8t before 8.95t, 8 before 8.95, 9 before 9.08, and 10 before 10.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.01223EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2009/05/08 6:0 p.m.21 views

CVE-2009-1588

Cross-site scripting XSS vulnerability in CGI RESCUE MiniBBS 8t before 8.95t, 8 before 8.95, 9 before 9.08, and 10 before 10.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.7AI score0.01223EPSS
Exploits0References6
CVE
CVE
added 2009/05/08 6:0 p.m.59 views

CVE-2009-1588

CVE-2009-1588 is a cross-site scripting (XSS) vulnerability in CGI RESCUE MiniBBS used by CGI RESCUE. The flaw affects MiniBBS versions prior to: v10.31 (10.x line), v9.07, v8.94, and v8t 8.93t, with older listings in other sources. An attacker can cause arbitrary script execution in a user’s bro...

4.3CVSS5.8AI score0.01223EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2009/05/08 6:0 p.m.43 views

CVE-2009-1591

CVE-2009-1591 affects CGI RESCUE Web Mailer prior to 1.04, where CRLF sequences in an unspecified web form enable HTTP header injection, enabling cross-site scripting (XSS) or HTTP response splitting. Public documentation consistently identifies Web Mailer v1.03 and earlier as affected. The under...

4.3CVSS6.3AI score0.01065EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2009/05/08 6:0 p.m.27 views

CVE-2009-1591

CRLF injection vulnerability in CGI RESCUE Web Mailer before 1.04 allows remote attackers to inject arbitrary HTTP headers, and conduct cross-site scripting XSS or HTTP response splitting attacks, via CRLF sequences in an unspecified web form...

6.2AI score0.01065EPSS
Exploits0References5
Cvelist
Cvelist
added 2009/05/08 6:0 p.m.26 views

CVE-2009-1590

Unspecified vulnerability in CGI RESCUE FORM2MAIL before 1.42 allows remote attackers to send email to arbitrary recipients via a web form...

6.7AI score0.01222EPSS
Exploits0References5
Cvelist
Cvelist
added 2009/05/08 6:0 p.m.30 views

CVE-2009-1589

Unspecified vulnerability in CGI RESCUE MiniBBS22 before 1.01 allows remote attackers to send email to arbitrary recipients via unknown vectors...

6.8AI score0.01173EPSS
Exploits0References3
CVE
CVE
added 2009/05/08 6:0 p.m.53 views

CVE-2009-1589

MiniBBS22 from CGI RESCUE contains a vulnerability that allows unauthorized email transmission to arbitrary recipients. Affected product: MiniBBS22 (CGI RESCUE) prior to version 1.01 (CE: v1.00 explicitly listed by sources). Root cause/details on the exact vectors are not clearly stated across th...

5CVSS7AI score0.01173EPSS
Exploits0References3Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/04/28 7:36 a.m.2 views

Web Mailer from CGI RESCUE vulnerable to HTTP header injection

Overview Web Mailer from CGI RESCUE contains a HTTP header injection vulnerability. Web Mailer from CGI RESCUE is a software that sends emails with contents that are input into a HTML form. Web Mailer contains a HTTP header injection vulnerability. This vulnerability has been fixed and an updated...

4.3CVSS7AI score0.01065EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/04/28 7:35 a.m.4 views

Cross-site scripting vulnerability in MiniBBS from CGI RESCUE

Overview MiniBBS from CGI RESCUE contains a cross-site scripting vulnerability. MiniBBS is a message board script provided by CGI RESCUE, contains a cross-site scripting vulnerability. This vulnerability has been fixed and an updated version was released on December 13, 2008. Impact An arbitrary...

4.3CVSS6.2AI score0.01223EPSS
Exploits0References10
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/04/27 12:0 a.m.50 views

JVN#11396739 Cross-site scripting vulnerability in MiniBBS from CGI RESCUE

MiniBBS is a message board script provided by CGI RESCUE, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provided by the vendor. Products...

4.3CVSS5.9AI score0.01223EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/04/27 12:0 a.m.45 views

JVN#36982346 MiniBBS22 from CGI RESCUE allows unauthorized email transmission

MiniBBS22 is a message board script provided by CGI RESCUE. MiniBBS22 contains a vulnerability which allows unauthorized email transmission regardless of the configuration. Impact A remote attacker may send any email to an arbitrary address. Solution Update the software Update to the latest versi...

5CVSS6.4AI score0.01173EPSS
Exploits0
Rows per page
Query Builder