VYPR
Vendor

Daverave

Products
2
CVEs
4
Across products
4
Status
Private

Products

2

Recent CVEs

4
  • CVE-2006-1199Mar 14, 2006
    risk 0.03cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in iframe.php in daverave Link Bank allows remote attackers to inject arbitrary web script or HTML via the site parameter.

  • CVE-2006-1073Mar 8, 2006
    risk 0.03cvss epss 0.03

    Directory traversal vulnerability in index.php in Daverave Simplog 1.0.2 and earlier allows remote attackers to include or read arbitrary .txt files via the (1) act and (2) blogid parameters.

  • CVE-2006-1200Mar 14, 2006
    risk 0.00cvss epss 0.02

    Direct static code injection vulnerability in add_link.txt in daverave Link Bank allows remote attackers to execute arbitrary PHP code via the url_name parameter, which is not sanitized before being stored in links.txt, which is later used in an include statement.

  • CVE-2006-1072Mar 8, 2006
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in Daverave Simplog 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a blog post.