3 matches found
CVE-2006-6852
Eval injection vulnerability in tDiary 2.0.3 and 2.1.4.200 61127 allows remote authenticated users to execute arbitrary Ruby code via unspecified vectors, possibly related to incorrect input validation by 1 conf.rhtml and 2 i.conf.rhtml. NOTE: some of these details are obtained from third party...
CVE-2006-6174
Cross-site scripting XSS vulnerability in tDiary before 2.0.3 and 2.1.x before 2.1.4.20061126 allows remote attackers to inject arbitrary web script or HTML via the conf parameter in 1 tdiary.rb and 2 skel/conf.rhtml...
CVE-2006-6174
Cross-site scripting XSS vulnerability in tDiary before 2.0.3 and 2.1.x before 2.1.4.20061126 allows remote attackers to inject arbitrary web script or HTML via the conf parameter in 1 tdiary.rb and 2 skel/conf.rhtml...