2 matches found
CVE-2006-0661
The CVE-2006-0661 entry concerns a Cross-Site Scripting (XSS) vulnerability in Scriptme SmE GB Host 1.21 and SmE Blog Host, exploitable via the BBcode [url] tag to inject arbitrary script/HTML. Affected components: Scriptme SmE GB Host 1.21 and SmE Blog Host. Root cause and impact: XSS allowing r...
CVE-2006-0856
The CVE-2006-0856 entry describes a SQL injection in login.php of Scriptme SmE GB Host 1.21 that lets remote attackers execute arbitrary SQL and bypass authentication via the Username parameter. Affected software is Scriptme SmE GB Host 1.21; the vulnerability arises from improper handling of the...