Gnump3d
Sign in to watchby GNU
CVEs (6)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2007-6130 | 0.00 | — | 0.00 | Nov 26, 2007 | gnump3d 2.9final does not apply password protection to its plugins, which might allow remote attackers to bypass intended access restrictions. | ||
| CVE-2005-3349 | 0.00 | — | 0.00 | Nov 18, 2005 | GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink attack on the index.lok temporary file. | ||
| CVE-2005-3355 | 0.00 | — | 0.01 | Nov 18, 2005 | Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has unknown impact via "CGI parameters, and cookie values". | ||
| CVE-2005-3424 | 0.00 | — | 0.01 | Nov 1, 2005 | Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.5 allows remote attackers to inject arbitrary web script or HTML via 404 error pages, a different vulnerability than CVE-2005-3425. | ||
| CVE-2005-3425 | 0.00 | — | 0.01 | Nov 1, 2005 | Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2005-3424. | ||
| CVE-2005-3123 | 0.00 | — | 0.01 | Oct 30, 2005 | Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed. |