Eyeos@0.8.4 Security Vulnerabilities and Issues — Eyeos@0.8.4 CVE List

Lucene search

Eyeos ProjectEyeos0.8.4

4 matches found

CVE•added 2006/02/10 11:2 a.m.•62 views

CVE-2006-0636

desktop.php in eyeOS 0.8.9 and earlier tests for the existence of the _SESSION variable before calling the session_start function, which allows remote attackers to execute arbitrary PHP code and possibly conduct other attacks by modifying critical assumed-immutable variables, as demonstrated using ...

7.5CVSS7.7AI score0.01269EPSS

CVE•added 2005/11/01 8:3 p.m.•31 views

CVE-2005-3413

Cross-site scripting (XSS) vulnerability in desktop.php in eyeOS 0.8.4 allows remote attackers to inject arbitrary web script or HTML via the motd parameter.

4.3CVSS6AI score0.00572EPSS

CVE•added 2005/11/01 8:3 p.m.•30 views

CVE-2005-3414

eyeOS 0.8.4 stores usrinfo.xml under the web document root with insufficient access control, which allows remote attackers to obtain user credentials.

7.5CVSS7AI score0.01414EPSS

CVE•added 2006/09/28 12:7 a.m.•30 views

CVE-2006-5071

Multiple cross-site scripting (XSS) vulnerabilities in eyeOS before 0.9.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving (1) eyeNav and (2) system/baixar.php.

4.3CVSS5.7AI score0.00507EPSS