2 matches found
CVE-2008-6609
Cross-site scripting (XSS) vulnerability in phpcksec.php in Stefan Ott phpcksec 0.2 allows remote attackers to inject arbitrary web script or HTML via the path parameter.
CVE-2008-6610
Absolute path traversal vulnerability in phpcksec.php in Stefan Ott phpcksec 0.2.0 allows remote attackers to list arbitrary directories and read arbitrary files via a full pathname in the file parameter.