Particle Links

CVEs (4)

CVE	CVSS	EPSS	Published	Description
CVE-2006-2904	—	0.01	Jun 8, 2006	SQL injection vulnerability in index.php in Partial Links 1.2.2 allows remote attackers to execute arbitrary SQL commands via the topic parameter.
CVE-2006-2903	—	0.00	Jun 8, 2006	Cross-site scripting (XSS) vulnerability in admin.php in Particle Links 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
CVE-2006-2902	—	0.00	Jun 8, 2006	Directory traversal vulnerability in Particle Links 1.2.2 might allow remote attackers to access arbitrary files via ".." sequences in an HTTP request. NOTE: it is not clear whether this issue is legitimate, as the original researcher seems unsure.
CVE-2006-2905	—	0.00	Jun 8, 2006	Partial Links 1.2.2 allows remote attackers to obtain sensitive information via a direct request to (1) page_footer.php and (2) page_header.php, which displays the path in an error message.

CVE-2006-2904Jun 8, 2006
risk 0.00cvss —epss 0.01
SQL injection vulnerability in index.php in Partial Links 1.2.2 allows remote attackers to execute arbitrary SQL commands via the topic parameter.
CVE-2006-2903Jun 8, 2006
risk 0.00cvss —epss 0.00
Cross-site scripting (XSS) vulnerability in admin.php in Particle Links 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
CVE-2006-2902Jun 8, 2006
risk 0.00cvss —epss 0.00
Directory traversal vulnerability in Particle Links 1.2.2 might allow remote attackers to access arbitrary files via ".." sequences in an HTTP request. NOTE: it is not clear whether this issue is legitimate, as the original researcher seems unsure.
CVE-2006-2905Jun 8, 2006
risk 0.00cvss —epss 0.00
Partial Links 1.2.2 allows remote attackers to obtain sensitive information via a direct request to (1) page_footer.php and (2) page_header.php, which displays the path in an error message.