Vulnerabilities > CGI Rescue > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-05-26 | CVE-2009-1790 | Cross-Site Scripting vulnerability in CGI Rescue Cross-site scripting (XSS) vulnerability in CGI RESCUE Trees before 2.11 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | 4.3 |
| 2009-05-08 | CVE-2009-1591 | Cross-Site Scripting vulnerability in CGI Rescue CGI web Mailer CRLF injection vulnerability in CGI RESCUE Web Mailer before 1.04 allows remote attackers to inject arbitrary HTTP headers, and conduct cross-site scripting (XSS) or HTTP response splitting attacks, via CRLF sequences in an unspecified web form. | 4.3 |
| 2009-05-08 | CVE-2009-1590 | Unspecified vulnerability in CGI Rescue Form2Mail 1.21 Unspecified vulnerability in CGI RESCUE FORM2MAIL before 1.42 allows remote attackers to send email to arbitrary recipients via a web form. | 5.0 |
| 2009-05-08 | CVE-2009-1589 | Unspecified vulnerability in CGI Rescue CGI Rescue Minibbs22 Unspecified vulnerability in CGI RESCUE MiniBBS22 before 1.01 allows remote attackers to send email to arbitrary recipients via unknown vectors. | 5.0 |
| 2009-05-08 | CVE-2009-1588 | Cross-Site Scripting vulnerability in CGI Rescue CGI Rescue Minibbs 10.0/8.0/9.0 Cross-site scripting (XSS) vulnerability in CGI RESCUE MiniBBS 8t before 8.95t, 8 before 8.95, 9 before 9.08, and 10 before 10.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2008-12-26 | CVE-2008-5723 | Path Traversal vulnerability in Cgi-Rescue Kannibbs2000 and Kannibbs2000I Directory traversal vulnerability in CGI RESCUE KanniBBS2000 (aka KanniBBS2000i, MiniBBS2000, and MiniBBS2000i) before 1.03 allows remote attackers to read arbitrary files via unspecified vectors. | 5.0 |
| 2007-09-04 | CVE-2007-4655 | Path Traversal vulnerability in Cgi-Rescue Shopping Basket Professional Multiple directory traversal vulnerabilities in CGI RESCUE Shopping Basket Professional 7.51 and earlier allow remote attackers to list arbitrary directories, and possibly read arbitrary files, via directory traversal sequences in unspecified parameters to (1) list.cgi or (2) list2.cgi. | 5.0 |
| 2007-01-29 | CVE-2007-0547 | Cross-Site Scripting vulnerability in WebFORM Cross-site scripting (XSS) vulnerability in CGI-RESCUE WebFORM 4.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network cgi-rescue | 4.3 |
| 2006-08-24 | CVE-2006-4344 | Email Header Injection vulnerability in Cgi-Rescue Mail F W System 8.3 CRLF injection vulnerability in CGI-Rescue Mail F/W System (formd) before 8.3 allows remote attackers to spoof e-mails and inject e-mail headers via unspecified vectors in (1) mail.cgi and (2) query.cgi. | 5.0 |
| 2006-06-12 | CVE-2006-2944 | Unspecified vulnerability in Cgi-Rescue Form2Mail Unspecified vulnerability in CGI-RESCUE FORM2MAIL 1.21 and earlier allows remote attackers to inject email headers, which facilitates sending spam messages. | 5.0 |