Directory traversal

Directory traversal vulnerability in ibrowser.php in the CMScout 2.09 IBrowser TinyMCE Plugin 1.4.1, when magicquotesgpc is disabled, allows remote attackers to read arbitrary files via a .. dot dot in the lang parameter. NOTE: some of these details are obtained from third party information...

CVE-2010-5281

CMScout 2.09 IBrowser TinyMCE Plugin 1.4.1 is affected by a directory traversal in ibrowser.php. When magic_quotes_gpc is disabled, an attacker can read arbitrary files by injecting a .. into the lang parameter. This is a true vulnerability with CVE-2010-5281 documented by NVD (base score 6.8, ve...

CVE-2010-5281

Directory traversal vulnerability in ibrowser.php in the CMScout 2.09 IBrowser TinyMCE Plugin 1.4.1, when magicquotesgpc is disabled, allows remote attackers to read arbitrary files via a .. dot dot in the lang parameter. NOTE: some of these details are obtained from third party information...

CMScout 2.09 CSRF Vulnerability

Exploit for php platform in category web applications...

CMScout 2.09 / IBrowser TinyMCE Local File Inclusion

------------------------------------------------------------------------ Software................CMScout 2.09 / IBrowser TinyMCE Plugin Vulnerability...........Local File Inclusion Download................http://www.cmscout.co.za/ Release Date............9/15/2010 Tested On...............Windows...

Cross site scripting

Cross-site scripting XSS vulnerability in the Search Site in CMScout 2.09, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the search parameter. NOTE: some of these details are obtained from third party information...

CVE-2010-2154

Cross-site scripting XSS vulnerability in the Search Site in CMScout 2.09, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the search parameter. NOTE: some of these details are obtained from third party information...