Sign in Subscribe

← All vendors

Vendor

Edittag

Products

1

CVEs

3

Across products

3

Status

Private

Products

1

Edittag
3 CVEs

Recent CVEs

3

CVE	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2007-0118		0.04	—	0.15		Jan 9, 2007	Multiple absolute path traversal vulnerabilities in EditTag 1.2 allow remote attackers to read arbitrary files via an absolute pathname in the file parameter to (1) edittag.cgi, (2) edittag.pl, (3) edittag_mp.cgi, or (4) edittag_mp.pl.
CVE-2007-0119		0.03	—	0.02		Jan 9, 2007	Multiple cross-site scripting (XSS) vulnerabilities in EditTag 1.2 allow remote attackers to inject arbitrary web script or HTML via the plain parameter to (1) mkpw_mp.cgi, (2) mkpw.pl, or (3) mkpw.cgi.
CVE-2003-1351		0.00	—	0.00		Dec 31, 2003	Directory traversal vulnerability in edittag.cgi in EditTag 1.1 allows remote attackers to read arbitrary files via a "%2F.." (encoded slash dot dot) in the file parameter.