3 matches found
CVE-2006-5034
CVE-2006-5034: Directory traversal in Paul Smith Computer Services vCAP 1.9.0 Beta and earlier allows remote attackers to read arbitrary files via .. in the URI. The NVD lists a base score of 5.0 (MEDIUM) with CONFIDENTIALITY PARTIAL impact; exploitation details and patches are not provided in th...
CVE-2006-5035
CVE-2006-5035 describes multiple cross-site scripting (XSS) vulnerabilities in Paul Smith Computer Services vCAP 1.7.0. The flaws allow remote attackers to inject arbitrary web script or HTML via the statusmsg parameter in RegisterPage.cgi or a URI to a nonexistent file. The CVSSv2 base score is ...
CVE-2006-5033
The CVE-2006-5033 entry describes an unspecified vulnerability in Paul Smith Computer Services’ vCAP 1.9.0 Beta and earlier, specifically in StoresAndCalendarsList.cgi, allowing remote attackers to cause a denial of service via the session parameter, possibly related to format string specifiers o...