Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
IwriteNightfall Personal Diary

2 matches found

CVE
CVEadded 2008/12/16 6:0 p.m.46 views

CVE-2008-5591

CVE-2008-5591 describes a Cross-site scripting (XSS) vulnerability in login.asp of Nightfall Personal Diary 1.0, allowing remote attackers to inject arbitrary web script or HTML via the username parameter (and possibly other login fields). The affected component is the login page (login.asp) and ...

4.3CVSS5.9AI score0.01571EPSS
CVE
CVEadded 2008/12/16 6:0 p.m.43 views

CVE-2008-5592

CVE-2008-5592 affects Nightfall Personal Diary 1.0. The issue is improper access control: sensitive data is stored under the web root, allowing remote attackers to download the database file (users-zza21.mdb) via a direct request. The resulting impact is partial confidentiality loss. The availabl...

5CVSS6.4AI score0.02615EPSS