CVE-2006-2970

videoPage.php in L0j1k tinyMuw 0.1.0 allows remote attackers to obtain sensitive information via a certain id parameter, probably with an invalid value, which reveals the path in an error message...

Design/Logic Flaw

videoPage.php in L0j1k tinyMuw 0.1.0 allows remote attackers to obtain sensitive information via a certain id parameter, probably with an invalid value, which reveals the path in an error message...

CVE-2006-2969

Cross-site scripting XSS vulnerability in L0j1k tinyMuw 0.1.0 allow remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element in the input box in quickchat.php, and possibly other manipulations...

Cross site scripting

Cross-site scripting XSS vulnerability in L0j1k tinyMuw 0.1.0 allow remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element in the input box in quickchat.php, and possibly other manipulations...

CVE-2006-2970

VideoPage.php in L0j1k tinyMuw 0.1.0 is affected by CVE-2006-2970. Remote attackers can obtain sensitive information by supplying a certain id parameter, which causes an error message that reveals the path. The provided documents describe the information-disclosure impact but do not provide root-...

CVE-2006-2969

Cross-site scripting XSS vulnerability in L0j1k tinyMuw 0.1.0 allow remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element in the input box in quickchat.php, and possibly other manipulations...

CVE-2006-2970

videoPage.php in L0j1k tinyMuw 0.1.0 allows remote attackers to obtain sensitive information via a certain id parameter, probably with an invalid value, which reveals the path in an error message...