EUVD-2006-6157

Malware in sbrugna...

CVE-2010-0726

Cross-site scripting XSS vulnerability in the tb-send.rb TrackBack transmission plugin in tDiary 2.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors, possibly related to the 1 plugintburl and 2 plugintbexcerpt parameters...

CVE-2006-6852

Eval injection vulnerability in tDiary 2.0.3 and 2.1.4.200 61127 allows remote authenticated users to execute arbitrary Ruby code via unspecified vectors, possibly related to incorrect input validation by 1 conf.rhtml and 2 i.conf.rhtml. NOTE: some of these details are obtained from third party...

DEBIAN-CVE-2006-6852

Eval injection vulnerability in tDiary 2.0.3 and 2.1.4.200 61127 allows remote authenticated users to execute arbitrary Ruby code via unspecified vectors, possibly related to incorrect input validation by 1 conf.rhtml and 2 i.conf.rhtml. NOTE: some of these details are obtained from third party...

DEBIAN-CVE-2006-6174

Cross-site scripting XSS vulnerability in tDiary before 2.0.3 and 2.1.x before 2.1.4.20061126 allows remote attackers to inject arbitrary web script or HTML via the conf parameter in 1 tdiary.rb and 2 skel/conf.rhtml...

CVE-2006-6174

Cross-site scripting XSS vulnerability in tDiary before 2.0.3 and 2.1.x before 2.1.4.20061126 allows remote attackers to inject arbitrary web script or HTML via the conf parameter in 1 tdiary.rb and 2 skel/conf.rhtml...

DEBIAN-CVE-2005-2411

Cross-Site Request Forgery CSRF vulnerability in tDiary 2.1.1, and tDiary 2.0.1 and earlier, allows remote attackers to conduct actions as another user, and execute commands on the server, via a URL that is activated by the user...

CVE-2005-2411

Cross-Site Request Forgery CSRF vulnerability in tDiary 2.1.1, and tDiary 2.0.1 and earlier, allows remote attackers to conduct actions as another user, and execute commands on the server, via a URL that is activated by the user...