Scribe

CVEs (2)

• CVE-2007-5823Nov 5, 2007
  Scribe

  Scribe
  risk 0.03cvss —epss 0.03

  Directory traversal vulnerability in forum.php in Ben Ng Scribe 0.2 and earlier allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the username parameter in a Register action.

• CVE-2007-5822Nov 5, 2007
  Scribe

  Scribe
  risk 0.03cvss —epss 0.03

  Direct static code injection vulnerability in forum.php in Ben Ng Scribe 0.2 and earlier allows remote attackers to inject arbitrary PHP code into a certain file in regged/ via the username parameter in a Register action, possibly related to the register function in…