Vulnerabilities > Contentcustomizer
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-11-05 | CVE-2007-5817 | Cross-Site Scripting vulnerability in Contentcustomizer dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to perform certain privileged actions via a (1) del, (2) delbackup, (3) res, or (4) ren action. | 4.3 |
2007-11-05 | CVE-2007-5816 | Information Exposure vulnerability in Contentcustomizer 3.1Mp dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to obtain sensitive author credentials by making a request with an editauthor action, then reading the value of the newlocalpassword password input field in the HTML source of the resulting page. | 5.0 |