| Max CVSS | 9.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-5692 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in SiteBar 3.3.8 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter to integrator.php; (2) the token parameter in a New Password action, (3) the nid_acl paramet
|
15-10-2018 - 21:46 | 29-10-2007 - 20:46 | |
| CVE-2007-5695 | 6.4 |
Open redirect vulnerability in command.php in SiteBar 3.3.8 allows remote attackers to redirect users to arbitrary web sites via a URL in the forward parameter in a Log In action.
|
15-10-2018 - 21:46 | 29-10-2007 - 20:46 | |
| CVE-2007-5694 | 6.8 |
Absolute path traversal vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to read arbitrary files via an absolute path in the dir parameter, a different vulnerability than CVE-2007-5491.
|
15-10-2018 - 21:46 | 29-10-2007 - 20:46 | |
| CVE-2007-5693 | 6.0 |
Eval injection vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to execute arbitrary PHP code via the edit parameter in an upd cmd action, a different vulnerability than CVE-2007-5492.
|
15-10-2018 - 21:46 | 29-10-2007 - 20:46 | |
| CVE-2007-5492 | 4.6 |
Static code injection vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to execute arbitrary PHP code via the value parameter. Refer to:
http://sitebar.org/downloads.php and
http://teamfor
|
15-10-2018 - 21:45 | 17-10-2007 - 19:17 | |
| CVE-2007-5491 | 9.0 |
Directory traversal vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to chmod arbitrary files to 0777 via ".." sequences in the lang parameter. Refer to:
http://sitebar.org/downloads.php and
|
08-03-2011 - 03:00 | 17-10-2007 - 19:17 |