CVE search results

1 – 2 of 2 results

Detailed view

Sort by:

CVE-2008-2236

Low priority

Ignored

Cross-site scripting (XSS) vulnerability in blosxom.cgi in Blosxom before 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the flav parameter (flavour variable). NOTE: some of these details are obtained...

1 affected package

blosxom

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
blosxom	—	—	—	—

CVE-2006-0707

Medium priority

Some fixes available 7 of 8

PyBlosxom before 1.3.2, when running on certain webservers, allows remote attackers to read arbitrary files via an HTTP request with multiple leading / (slash) characters, which is accessed using the PATH_INFO variable.

1 affected package

pyblosxom

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
pyblosxom	—	—	—	—

Search CVE reports