Vulnerabilities > Circle R

DATE CVE VULNERABILITY TITLE RISK
2006-05-30 CVE-2006-2643 Cross-Site Scripting vulnerability in Circle R Monster TOP List 1.4
Cross-site scripting (XSS) vulnerability in index.php in Monster Top List (MTL) 1.4 allows remote attackers to inject arbitrary web script or HTML via the user_error_message parameter.
network
circle-r
4.3
2006-04-13 CVE-2006-1781 Code Injection vulnerability in Circle R Monster TOP List
PHP remote file inclusion vulnerability in functions.php in Circle R Monster Top List (MTL) 1.4 allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter.
network
low complexity
circle-r CWE-94
7.5