Vulnerabilities > Darrens 5 Dollar Script Archive > Osdate
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-07-21 | CVE-2006-3767 | HTML Injection vulnerability in Osdate 1.1.5/1.1.6 Cross-site scripting (XSS) vulnerability in showprofile.php in Darren's $5 Script Archive osDate 1.1.7 and earlier allows remote attackers to inject arbitrary web script or HTML via the onerror attribute in an HTML IMG tag with a non-existent source file in txtcomment parameter, which is used when posting a comment. network darrens-5-dollar-script-archive | 6.8 |
2006-07-21 | CVE-2006-3766 | Remote Security vulnerability in Osdate 1.1.5/1.1.6 Darren's $5 Script Archive osDate 1.1.7 and earlier allows users to boost their own ratings via a txtrating parameter with a score greater than the intended maximum of 10. | 5.0 |