Vendor

Includer.cgi

Products

CVEs

Across products

Status

Private

Products

CVE	CVSS	Published	Description
CVE-2005-1355	—	May 2, 2005	includer.cgi in The Includer allows remote attackers to read arbitrary files via a full pathname in the argument, a similar vulnerability to CVE-2005-0801.
CVE-2005-0801	—	May 2, 2005	Directory traversal vulnerability in includer.cgi in The Includer allows remote attackers to read arbitrary files via (1) a .. (dot dot) or (2) a full pathname in the URL.
CVE-2005-1356	—	May 2, 2005	Cross-site scripting (XSS) vulnerability in includer.cgi script in The Includer allows remote attackers to inject arbitrary web script or HTML via the argument.

CVE-2005-1355May 2, 2005
risk 0.00cvss —epss 0.00
includer.cgi in The Includer allows remote attackers to read arbitrary files via a full pathname in the argument, a similar vulnerability to CVE-2005-0801.
CVE-2005-0801May 2, 2005
risk 0.00cvss —epss 0.00
Directory traversal vulnerability in includer.cgi in The Includer allows remote attackers to read arbitrary files via (1) a .. (dot dot) or (2) a full pathname in the URL.
CVE-2005-1356May 2, 2005
risk 0.00cvss —epss 0.00
Cross-site scripting (XSS) vulnerability in includer.cgi script in The Includer allows remote attackers to inject arbitrary web script or HTML via the argument.