2 matches found
CVE-2009-4885
CVE-2009-4885 is a Cross-site Scripting (XSS) vulnerability in phpCommunity 2, version 2.1.8, affecting templates/1/login.php. An attacker can inject arbitrary script/HTML via the msg parameter. CVSS v2 base score: 4.3 (Medium); impact is limited to partial integrity due to user-supplied content,...
phpCommunity2 Multiple Remote Input Validation Vulnerabilities
phpCommunity2 is prone to multiple input-validation vulnerabilities, including multiple directory-traversal issues and SQL-injection issues, and a cross-site scripting issue. Exploiting these issues could allow an attacker to view arbitrary local files within the context of the webserver, steal...