2 matches found
CVE-2006-2325
CVE-2006-2325 describes a cross-site scripting (XSS) vulnerability in index.php of the OnlyScript.info Online Universal Payment System Script. It allows remote attackers to inject arbitrary web script or HTML via the read parameter, with the note that the issue might originate from directory trav...
CVE-2006-2326
The CVE describes a directory traversal vulnerability in index.php of the OnlyScript.info Online Universal Payment System Script. The flaw allows remote attackers to read arbitrary files via traversal sequences in the read parameter, leading to partial confidentiality impact. Affected component: ...