CVE-2010-1113

CVE-2010-1113 describes a cross-site scripting (XSS) vulnerability in the forum page of Web Server Creator - Web Portal 0.1 . Remote attackers can inject arbitrary web script or HTML via unspecified vectors to index.php . The NVD-record indicates a MEDIUM severity (CVSSv2 base score 4.3) with par...

CVE-2008-6545

CVE-2008-6545 : The in-scope documents describe a PHP remote file inclusion vulnerability in the Web Server Creator Web Portal 0.1, exploitable via the langfile parameter in news/include/createdb.php to execute arbitrary PHP code. Affected software is Web Server Creator Web Portal 0.1; the root c...

CVE-2010-1115

CVE-2010-1115 affects Web Server Creator - Web Portal 0.1; vulnerable component is the news/include/customize.php file. The issue is a directory traversal via a ".." in the l parameter that allows remote attackers to read arbitrary files. Documents do not provide exploitation specifics or a remed...

CVE-2010-1114

CVE-2010-1114 describes multiple PHP remote file inclusion vulnerabilities in the Web Server Creator – Web Portal 0.1. An attacker can trigger code execution by supplying a URL to the (1) pg parameter in index.php and (2) the path parameter to news/form.php. The underlying root cause is inclusion...