Vulnerabilities > Annuaire > Directory > 1.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-04-03 | CVE-2006-1434 | HTML Injection vulnerability in Annuaire Directory 1.0 Cross-site scripting (XSS) vulnerability in inscription.php in Annuaire (Directory) 1.0 allows remote attackers to inject arbitrary web script or HTML via the Comment Field (COMMENTAIRE parameter). network annuaire | 6.8 |
2006-04-03 | CVE-2006-1433 | Information Disclosure vulnerability in Annuaire Directory 1.0 Annuaire (Directory) 1.0 allows remote attackers to obtain sensitive information via a direct request to include/lang-en.php, which reveals the full installation path. | 5.0 |