CVE-2006-1196
- EPSS 1.03%
- Veröffentlicht 13.03.2006 22:02:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Multiple cross-site scripting (XSS) vulnerabilities in QwikiWiki 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) from and (2) help parameters to (a) index.php; (3) action, (4) page, (5) debug, (6) help, (7) username, or ...
CVE-2006-0983
- EPSS 6.54%
- Veröffentlicht 03.03.2006 11:02:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Cross-site scripting (XSS) vulnerability in index.php in QwikiWiki 1.4 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
CVE-2006-0699
- EPSS 0.57%
- Veröffentlicht 15.02.2006 11:06:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Cross-site scripting (XSS) vulnerability in search.php in QWikiWiki 1.5, and possibly 1.5.1 and other versions, allows remote attackers to inject arbitrary web script or HTML via the query parameter.
- EPSS 4.25%
- Veröffentlicht 04.01.2005 05:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Directory traversal vulnerability in index.php in QwikiWiki allows remote attackers to read arbitrary files via a .. (dot dot) and a %00 at the end of the filename in the page parameter.