Filtered by vendor Contentcustomizer
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-5817 | 1 Contentcustomizer | 1 Contentcustomizer | 2024-11-21 | N/A |
| dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to perform certain privileged actions via a (1) del, (2) delbackup, (3) res, or (4) ren action. NOTE: this issue can be leveraged to conduct cross-site scripting (XSS) and possibly other attacks. | ||||
| CVE-2007-5816 | 1 Contentcustomizer | 1 Contentcustomizer | 2024-11-21 | N/A |
| dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to obtain sensitive author credentials by making a request with an editauthor action, then reading the value of the newlocalpassword password input field in the HTML source of the resulting page. | ||||
Page 1 of 1.