VYPR

Community Framework

by Woltlab

CVEs (2)

  • CVE-2008-1717Apr 9, 2008
    risk 0.00cvss epss 0.01

    WoltLab Community Framework (WCF) 1.0.6 in WoltLab Burning Board 3.0.5 allows remote attackers to obtain the full path via invalid (1) page and (2) form parameters, which leaks the path from an exception handler when a valid class cannot be found.

  • CVE-2008-1716Apr 9, 2008
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in WoltLab Community Framework (WCF) 1.0.6 in WoltLab Burning Board 3.0.5 allows remote attackers to inject arbitrary web script or HTML via the (1) page and (2) form parameters, which are not properly handled when they are reflected back…