Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2005-2893 | 7.5 |
Direct static code injection vulnerability in setcookie.php in PBLang 4.65, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code via the username (u parameter), which is directly injected into a file that is later exec
|
11-07-2017 - 01:33 | 14-09-2005 - 20:03 | |
CVE-2005-2892 | 5.0 |
Directory traversal vulnerability in setcookie.php in PBLang 4.65, and possibly earlier versions, allows remote attackers to read arbitrary files via ".." sequences and "%00" (trailing null byte) in the u parameter.
|
11-07-2017 - 01:33 | 14-09-2005 - 20:03 | |
CVE-2005-2895 | 5.0 |
setcookie.php in PBLang 4.65, and possibly earlier versions, allows remote attackers to obtain sensitive information via a %00 (a null byte) in the u parameter, which reveals the path in an error message.
|
11-07-2017 - 01:33 | 14-09-2005 - 20:03 |