4 matches found
CVE-2009-0240
listing.php in WebSVN 2.0 and possibly 1.7 beta, when using an SVN authz file, allows remote authenticated users to read changelogs or diffs for restricted projects via a modified repname parameter...
CVE-2008-5918
Cross-site scripting XSS vulnerability in the getParameterisedSelfUrl function in index.php in WebSVN 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...
CVE-2008-5918
The CVE-2008-5918 entry concerns a Cross-site scripting (XSS) in WebSVN 2.0 and earlier. According to Gentoo GLSA 200903-20 and related OPENVAS entries, the vulnerability affects the getParameterisedSelfUrl() function in index.php, enabling a remote attacker to inject arbitrary web script or HTML...
CVE-2008-5919
WebSVN (2.0 and earlier) contains a directory traversal vulnerability in rss.php that occurs when magic_quotes_gpc is disabled, allowing remote attackers to overwrite arbitrary files via rev parameter traversal. The issue is CVE-2008-5919 and is part of a set of vulnerabilities described for WebS...