3 matches found
CVE-2010-1113
CVE-2010-1113 describes a cross-site scripting (XSS) vulnerability in the forum page of Web Server Creator - Web Portal 0.1 . Remote attackers can inject arbitrary web script or HTML via unspecified vectors to index.php . The NVD-record indicates a MEDIUM severity (CVSSv2 base score 4.3) with par...
CVE-2010-1115
CVE-2010-1115 affects Web Server Creator - Web Portal 0.1; vulnerable component is the news/include/customize.php file. The issue is a directory traversal via a ".." in the l parameter that allows remote attackers to read arbitrary files. Documents do not provide exploitation specifics or a remed...
CVE-2010-1114
CVE-2010-1114 describes multiple PHP remote file inclusion vulnerabilities in the Web Server Creator – Web Portal 0.1. An attacker can trigger code execution by supplying a URL to the (1) pg parameter in index.php and (2) the path parameter to news/form.php. The underlying root cause is inclusion...