| Max CVSS | 6.8 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-3320 | 2.6 |
Cross-site scripting (XSS) vulnerability in command.php in SiteBar 3.3.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the command parameter.
|
18-10-2018 - 16:46 | 30-06-2006 - 01:05 | |
| CVE-2007-5692 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in SiteBar 3.3.8 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter to integrator.php; (2) the token parameter in a New Password action, (3) the nid_acl paramet
|
15-10-2018 - 21:46 | 29-10-2007 - 20:46 | |
| CVE-2007-5695 | 6.4 |
Open redirect vulnerability in command.php in SiteBar 3.3.8 allows remote attackers to redirect users to arbitrary web sites via a URL in the forward parameter in a Log In action.
|
15-10-2018 - 21:46 | 29-10-2007 - 20:46 | |
| CVE-2007-5694 | 6.8 |
Absolute path traversal vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to read arbitrary files via an absolute path in the dir parameter, a different vulnerability than CVE-2007-5491.
|
15-10-2018 - 21:46 | 29-10-2007 - 20:46 | |
| CVE-2007-5693 | 6.0 |
Eval injection vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to execute arbitrary PHP code via the edit parameter in an upd cmd action, a different vulnerability than CVE-2007-5492.
|
15-10-2018 - 21:46 | 29-10-2007 - 20:46 | |
| CVE-2007-5492 | 4.6 |
Static code injection vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to execute arbitrary PHP code via the value parameter. Refer to:
http://sitebar.org/downloads.php and
http://teamfor
|
15-10-2018 - 21:45 | 17-10-2007 - 19:17 |