CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

BUGTRAQ ID: 28002 CNCAN ID:CNCAN-2008022801 H-Sphere SiteStudio是一款自助建站系统。 H-Sphere SiteStudio存在未明安全问题，远程攻击者可以利用漏洞入侵应用程序。目前没有详细漏洞细节提供。 Parallels SiteStudio 1.7.1 Parallels SiteStudio 1.7 Parallels H-Sphere 3.0 Patch 8 Parallels H-Sphere 2.5 Patch 10 可参考如下补丁：...

6.9AI score

Exploits0

Prion•added 2008/02/27 7:44 p.m.•10 views

Design/Logic Flaw

Unspecified vulnerability in Parallels SiteStudio before 1.7.2, and 1.8.x before 1.8b, as used in Parallels H-Sphere 3.0 before Patch 9 and 2.5 before Patch 11, has unknown impact and attack vectors...

10CVSS7.1AI score0.00416EPSS

Exploits0References5Affected Software2

NVD•added 2008/02/27 7:44 p.m.•9 views

CVE-2008-1049

10CVSS6.5AI score0.00416EPSS

Exploits0References5

CVE•added 2008/02/27 7:0 p.m.•40 views

CVE-2008-1049

Technical details about CVE-2008-1049 are not publicly available in the provided documents. Monitor for updates from vendors and security bulletins to learn affected products, impact, and remediation once disclosed.

10CVSS6.5AI score0.00416EPSS

Exploits0References5Affected Software2

Cvelist•added 2008/02/27 7:0 p.m.•14 views

CVE-2008-1049

6.5AI score0.00416EPSS

Exploits0References5

NVD•added 2007/05/13 11:19 p.m.•7 views

CVE-2007-2633

Directory traversal vulnerability in H-Sphere SiteStudio 1.6 allows remote attackers to read, or include and execute, arbitrary local files via a .. dot dot in the template parameter...

10CVSS6.7AI score0.00853EPSS

Exploits0References5

Prion•added 2007/05/13 11:19 p.m.•7 views

Directory traversal

Directory traversal vulnerability in H-Sphere SiteStudio 1.6 allows remote attackers to read, or include and execute, arbitrary local files via a .. dot dot in the template parameter...

10CVSS7.2AI score0.00853EPSS

Exploits0References5Affected Software1

CVE•added 2007/05/13 11:0 p.m.•33 views

CVE-2007-2633

CVE-2007-2633 affects H-Sphere SiteStudio 1.6. The vulnerability is a directory traversal that allows remote attackers to read, or include and execute, arbitrary local files via a .. (dot dot) in the template parameter. The NVD entry assigns a base score of 10.0 (HIGH) with network attack vector,...

10CVSS6.7AI score0.00853EPSS

Exploits0References5Affected Software1

Cvelist•added 2007/05/13 11:0 p.m.•10 views

CVE-2007-2633

Directory traversal vulnerability in H-Sphere SiteStudio 1.6 allows remote attackers to read, or include and execute, arbitrary local files via a .. dot dot in the template parameter...

6.7AI score0.00853EPSS

Exploits0References5

Cvelist•added 2005/05/16 4:0 a.m.•20 views

CVE-2005-1605

Cross-site scripting XSS vulnerability in the guestbook for SiteStudio 1.6 allows remote attackers to inject arbitrary web script or HTML via the name field to 1 psoft.guestbook.GuestBookServ in Standalone Site Studio or 2 E-Guestsign.pl in Integrated Site Studio with H-Sphere...

5.7AI score0.02533EPSS

Exploits0References8

CVE•added 2005/05/16 4:0 a.m.•53 views

CVE-2005-1605

The entry CVE-2005-1605 describes a Cross-site Scripting (XSS) vulnerability in the guestbook of SiteStudio 1.6, exploitable via the name field to either psoft.guestbook.GuestBookServ (Standalone Site Studio) or E-Guest_sign.pl (Integrated Site Studio with H-Sphere). The vulnerability is triggere...

6.8CVSS6AI score0.02533EPSS

Exploits0References8Affected Software1

NVD•added 2005/05/16 4:0 a.m.•19 views

CVE-2005-1605

6.8CVSS5.7AI score0.02533EPSS

Exploits0References8

securityvulns•added 2005/05/10 12:0 a.m.•29 views

[Full-disclosure] SiteStudio

------------------------------------------------------------ - EXPL-A-2005-008 exploitlabs.com Advisory 037 - ------------------------------------------------------------ - Site Studio - AFFECTED PRODUCTS ================= Site Studio Positive Software Corporation https://www.psoft.net OVERVIEW...

0.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by