HitHost
by HitHost
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2006-1144 | 0.03 | — | 0.05 | Mar 10, 2006 | Cross-site scripting (XSS) vulnerability in HitHost 1.0.0 allows remote attackers to inject arbitrary web script or HTML via (1) the user parameter in deleteuser.php and (2) the hits parameter in viewuser.php. | |||
| CVE-2006-1235 | 0.00 | — | 0.02 | Mar 14, 2006 | Directory traversal vulnerability in admin/deleteuser.php in HitHost 1.0.0 might allow remote attackers to delete directories (possibly only empty directories) via the $deleteuser variable. NOTE: the initial disclosure for this issue indicated that the researcher was unable to… |
- CVE-2006-1144Mar 10, 2006risk 0.03cvss —epss 0.05
Cross-site scripting (XSS) vulnerability in HitHost 1.0.0 allows remote attackers to inject arbitrary web script or HTML via (1) the user parameter in deleteuser.php and (2) the hits parameter in viewuser.php.
- CVE-2006-1235Mar 14, 2006risk 0.00cvss —epss 0.02
Directory traversal vulnerability in admin/deleteuser.php in HitHost 1.0.0 might allow remote attackers to delete directories (possibly only empty directories) via the $deleteuser variable. NOTE: the initial disclosure for this issue indicated that the researcher was unable to…