3 matches found
CVE-2020-12685
Interchange 4.7.0–5.11.x contains an XSS flaw in the admin/help.html and admin/quicklinks.html pages that can enable remote attackers to steal credentials or data via browser JavaScript. The cited sources describe cross-site scripting in the admin UI as the vulnerability, but no remediation steps...
CVE-2002-0874
Interchange vulnerability CVE-2002-0874 affects Interchange 4.8.6, 4.8.3 and other versions when running in INET mode, allowing remote attackers to read arbitrary files. The issue is documented in Debian DSA-150-1, which notes the fix to 4.8.3.20020306-1 (woody) and 4.8.6-1 (sid). OpenVAS and CVE...
CVE-2003-1138
The CVE-2003-1138 issue affects Apache 2.0.40 as shipped with Red Hat Linux 9.0. The vulnerability arises from handling a GET request containing a double slash (//), which allows remote attackers to list directory contents despite auto indexing being disabled or a default page configured. The sec...