CVE-2005-2721

Foojan PHP Weblog is affected by multiple XSS vulnerabilities in index.php and admin.php, exploitable via the Referer header in HTTP requests. The issue enables remote attackers to inject arbitrary script/HTML and has a CVSSv2 base score of 4.3 (Medium) with network attack vector, medium complexi...

CVE-2005-2722

The CVE-2005-2722 entry concerns Foojan PHP Weblog, which exposes information leakage via two pathways: (1) a direct request to /daylinks/index.php and (2) a negative value in the daylinkspage parameter to index.php. The underlying issue is that error messages reveal the internal path, enabling a...