| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-5149 | 7.5 |
Multiple directory traversal vulnerabilities in OpenBiblio before 0.5.2 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the page parameter to shared/help.php or (2) the tab parameter to shared/header.php.
|
17-10-2018 - 21:41 | 05-10-2006 - 04:04 | |
| CVE-2007-6607 | 5.0 |
OpenBiblio 0.5.2-pre4 and earlier allows remote attackers to obtain sensitive information via a direct request for (1) shared/footer.php, (2) circ/mbr_fields.php, or (3) admin/custom_marc_form_fields.php, which reveals the path in various error messa
|
15-10-2018 - 21:55 | 31-12-2007 - 20:46 | |
| CVE-2007-6608 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in OpenBiblio 0.5.2-pre4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) LAST and (2) FIRST parameters to admin/staff_del_confirm.php, (3) the name parameter to
|
15-10-2018 - 21:55 | 31-12-2007 - 20:46 | |
| CVE-2007-6606 | 5.0 |
OpenBiblio 0.5.2-pre4 and earlier allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function.
|
15-10-2018 - 21:55 | 31-12-2007 - 20:46 |