2 matches found
CVE-2007-2669
CVE-2007-2669 covers multiple XSS flaws in PHPChain 1.0 and earlier. The vulnerabilities arise from unsafely handling the catid parameter in settings.php and cat.php, enabling remote attackers to inject arbitrary web script or HTML. Some parameter values may also trigger path disclosure. The prov...
CVE-2007-2670
Summary: CVE-2007-2670 affects PHPChain 1.0 and earlier. The vulnerability arises from invalid values of the catid parameter in settings.php or cat.php, enabling remote attackers to disclose the installation path via XSS manipulations. The provided documents do not specify a patched version or re...