3 matches found
CVE-2006-3183
CVE-2006-3183 is a cross-site scripting (XSS) vulnerability affecting MobeScripts Mobile Space Community 2.0 and earlier. The flaw allows remote attackers to inject arbitrary script/HTML via the browse parameter (unfiltered in error messages) and several inputs (updating a profile, posting commen...
CVE-2006-3181
The CVE-2006-3181 issue affects MobeScripts Mobile Space Community 2.0: SQL injection in index.php where the browse parameter can be abused by a remote attacker to execute arbitrary SQL commands. Affected product/component: index.php in the Mobile Space Community 2.0 package (MobeScripts). Root c...
CVE-2006-3182
CVE-2006-3182 affects MobeScripts Mobile Space Community 2.0. The vulnerability is a directory traversal in index.php, exploitable via a .. sequence in the uid parameter on the rss page, enabling remote attackers to read arbitrary files. The NVD entry lists a CVSSv2 base score of 7.5 (HIGH) with ...