Lucene search

Advertisementmanager Security Vulnerabilities

cve

CVE-2010-1105

Cross-site scripting (XSS) vulnerability in cgi/index.php in AdvertisementManager 3.1.0 and 3.6 allows remote attackers to inject arbitrary web script or HTML via the usr...

6.3AI Score

0.004EPSS

2010-03-25 05:30 PM

cve

CVE-2010-1106

PHP remote file inclusion vulnerability in cgi/index.php in AdvertisementManager 3.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the req parameter. NOTE: this can also be leveraged to include and execute arbitrary local files via .. (dot dot)...

8.2AI Score

0.005EPSS

2010-03-25 05:30 PM