Imagevue
Products
1- 5 CVEs
Recent CVEs
5| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2006-0702 | 0.04 | — | 0.07 | Feb 15, 2006 | admin/upload.php in imageVue 16.1 allows remote attackers to upload arbitrary files to certain allowed folders via .. (dot dot) sequences in the path parameter. NOTE: due to the lack of details, the specific vulnerability type cannot be determined, although it might be due to… | |||
| CVE-2006-0700 | 0.04 | — | 0.07 | Feb 15, 2006 | imageVue 16.1 allows remote attackers to obtain folder permission settings via a direct request to dir.php, which returns an XML document that lists folders and their permissions. | |||
| CVE-2006-0701 | 0.04 | — | 0.08 | Feb 15, 2006 | readfolder.php in imageVue 16.1 allows remote attackers to list directories via modified path and ext parameters. | |||
| CVE-2008-1273 | 0.03 | — | 0.01 | Mar 10, 2008 | Multiple cross-site scripting (XSS) vulnerabilities in imageVue 1.7 allow remote attackers to inject arbitrary web script or HTML via the path parameter to (1) popup.php, (2) test/dir2.php, (3) admin/upload.php, and (4) dirxml.php in upload/. NOTE: the provenance of this… | |||
| CVE-2006-0703 | 0.03 | — | 0.04 | Feb 15, 2006 | Unspecified vulnerability in index.php in imageVue 16.1 has unknown impact, probably a cross-site scripting (XSS) vulnerability involving the query string that is not quoted when inserted into style and body tags, as demonstrated using a bgcol parameter. |
- CVE-2006-0702Feb 15, 2006risk 0.04cvss —epss 0.07
admin/upload.php in imageVue 16.1 allows remote attackers to upload arbitrary files to certain allowed folders via .. (dot dot) sequences in the path parameter. NOTE: due to the lack of details, the specific vulnerability type cannot be determined, although it might be due to…
- CVE-2006-0700Feb 15, 2006risk 0.04cvss —epss 0.07
imageVue 16.1 allows remote attackers to obtain folder permission settings via a direct request to dir.php, which returns an XML document that lists folders and their permissions.
- CVE-2006-0701Feb 15, 2006risk 0.04cvss —epss 0.08
readfolder.php in imageVue 16.1 allows remote attackers to list directories via modified path and ext parameters.
- CVE-2008-1273Mar 10, 2008risk 0.03cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in imageVue 1.7 allow remote attackers to inject arbitrary web script or HTML via the path parameter to (1) popup.php, (2) test/dir2.php, (3) admin/upload.php, and (4) dirxml.php in upload/. NOTE: the provenance of this…
- CVE-2006-0703Feb 15, 2006risk 0.03cvss —epss 0.04
Unspecified vulnerability in index.php in imageVue 16.1 has unknown impact, probably a cross-site scripting (XSS) vulnerability involving the query string that is not quoted when inserted into style and body tags, as demonstrated using a bgcol parameter.