SL_site

CVEs (3)

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2006-2013	SL Site SL_site	—	0.01	Apr 25, 2006	SQL injection vulnerability in page.php in SL_site 1.0 allows remote attackers to execute arbitrary SQL commands via the id_page parameter. NOTE: this issue could be used to produce resultant XSS from an error message.
CVE-2006-2015	SL Site SL_site	—	0.01	Apr 25, 2006	Cross-site scripting (XSS) vulnerability in SL_site 1.0 allows remote attackers to inject arbitrary web script or HTML via the recherche parameter in recherche.php. NOTE: other XSS vectors, as reported in the original disclosure, are resultant from other primary vulnerabilities…
CVE-2006-2014	SL Site SL_site	—	0.02	Apr 25, 2006	Directory traversal vulnerability in gallerie.php in SL_site 1.0 allows remote attackers to list images in arbitrary directories via ".." sequences in the rep parameter, which is used to construct a directory name in admin/config.inc.php. NOTE: this issue could be used to…

CVE-2006-2013Apr 25, 2006
SL Site
SL_site
risk 0.00cvss —epss 0.01
SQL injection vulnerability in page.php in SL_site 1.0 allows remote attackers to execute arbitrary SQL commands via the id_page parameter. NOTE: this issue could be used to produce resultant XSS from an error message.
CVE-2006-2015Apr 25, 2006
SL Site
SL_site
risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in SL_site 1.0 allows remote attackers to inject arbitrary web script or HTML via the recherche parameter in recherche.php. NOTE: other XSS vectors, as reported in the original disclosure, are resultant from other primary vulnerabilities…
CVE-2006-2014Apr 25, 2006
SL Site
SL_site
risk 0.00cvss —epss 0.02
Directory traversal vulnerability in gallerie.php in SL_site 1.0 allows remote attackers to list images in arbitrary directories via ".." sequences in the rep parameter, which is used to construct a directory name in admin/config.inc.php. NOTE: this issue could be used to…