73 matches found
CVE-2009-1790
CVE-2009-1790 affects Trees from CGI RESCUE (before v2.11). The root cause is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary script/HTML via unspecified parameters. Impact: arbitrary script execution in affected users’ browsers. Affected: Trees v2.10 and earlie...
CVE-2009-1790
Cross-site scripting XSS vulnerability in CGI RESCUE Trees before 2.11 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters...
JVN#28521500 Trees from CGI RESCUE vulnerable to cross-site scripting
Trees, a web log system from CGI RESCUE, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provided by the developer. Products Affected Trees...
CVE-2009-1589
Unspecified vulnerability in CGI RESCUE MiniBBS22 before 1.01 allows remote attackers to send email to arbitrary recipients via unknown vectors...
CVE-2009-1591
CRLF injection vulnerability in CGI RESCUE Web Mailer before 1.04 allows remote attackers to inject arbitrary HTTP headers, and conduct cross-site scripting XSS or HTTP response splitting attacks, via CRLF sequences in an unspecified web form...
CVE-2009-1588
Cross-site scripting XSS vulnerability in CGI RESCUE MiniBBS 8t before 8.95t, 8 before 8.95, 9 before 9.08, and 10 before 10.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Crlf injection
CRLF injection vulnerability in CGI RESCUE Web Mailer before 1.04 allows remote attackers to inject arbitrary HTTP headers, and conduct cross-site scripting XSS or HTTP response splitting attacks, via CRLF sequences in an unspecified web form...
Design/Logic Flaw
Unspecified vulnerability in CGI RESCUE MiniBBS22 before 1.01 allows remote attackers to send email to arbitrary recipients via unknown vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in CGI RESCUE MiniBBS 8t before 8.95t, 8 before 8.95, 9 before 9.08, and 10 before 10.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-1588
Cross-site scripting XSS vulnerability in CGI RESCUE MiniBBS 8t before 8.95t, 8 before 8.95, 9 before 9.08, and 10 before 10.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-1588
CVE-2009-1588 is a cross-site scripting (XSS) vulnerability in CGI RESCUE MiniBBS used by CGI RESCUE. The flaw affects MiniBBS versions prior to: v10.31 (10.x line), v9.07, v8.94, and v8t 8.93t, with older listings in other sources. An attacker can cause arbitrary script execution in a user’s bro...
CVE-2009-1591
CVE-2009-1591 affects CGI RESCUE Web Mailer prior to 1.04, where CRLF sequences in an unspecified web form enable HTTP header injection, enabling cross-site scripting (XSS) or HTTP response splitting. Public documentation consistently identifies Web Mailer v1.03 and earlier as affected. The under...
CVE-2009-1591
CRLF injection vulnerability in CGI RESCUE Web Mailer before 1.04 allows remote attackers to inject arbitrary HTTP headers, and conduct cross-site scripting XSS or HTTP response splitting attacks, via CRLF sequences in an unspecified web form...
CVE-2009-1590
Unspecified vulnerability in CGI RESCUE FORM2MAIL before 1.42 allows remote attackers to send email to arbitrary recipients via a web form...
CVE-2009-1589
Unspecified vulnerability in CGI RESCUE MiniBBS22 before 1.01 allows remote attackers to send email to arbitrary recipients via unknown vectors...
CVE-2009-1589
MiniBBS22 from CGI RESCUE contains a vulnerability that allows unauthorized email transmission to arbitrary recipients. Affected product: MiniBBS22 (CGI RESCUE) prior to version 1.01 (CE: v1.00 explicitly listed by sources). Root cause/details on the exact vectors are not clearly stated across th...
Web Mailer from CGI RESCUE vulnerable to HTTP header injection
Overview Web Mailer from CGI RESCUE contains a HTTP header injection vulnerability. Web Mailer from CGI RESCUE is a software that sends emails with contents that are input into a HTML form. Web Mailer contains a HTTP header injection vulnerability. This vulnerability has been fixed and an updated...
Cross-site scripting vulnerability in MiniBBS from CGI RESCUE
Overview MiniBBS from CGI RESCUE contains a cross-site scripting vulnerability. MiniBBS is a message board script provided by CGI RESCUE, contains a cross-site scripting vulnerability. This vulnerability has been fixed and an updated version was released on December 13, 2008. Impact An arbitrary...
JVN#11396739 Cross-site scripting vulnerability in MiniBBS from CGI RESCUE
MiniBBS is a message board script provided by CGI RESCUE, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provided by the vendor. Products...
JVN#36982346 MiniBBS22 from CGI RESCUE allows unauthorized email transmission
MiniBBS22 is a message board script provided by CGI RESCUE. MiniBBS22 contains a vulnerability which allows unauthorized email transmission regardless of the configuration. Impact A remote attacker may send any email to an arbitrary address. Solution Update the software Update to the latest versi...