Vulnerabilities > Directtopics > Directtopics > 2.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-14 | CVE-2005-1569 | Cross-Site Scripting vulnerability in Directtopics 2.1/2.2 Cross-site scripting (XSS) vulnerability in DirectTopics 2.1 and 2.2 allows remote attackers to inject arbitrary web script via a javascript: URL in (1) a thread or (2) an IMG tag. network directtopics | 4.3 |
2005-05-12 | CVE-2005-1568 | Information Disclosure vulnerability in Directtopics topic.php in DirectTopics 2.1 and 2.2 allows remote attackers to obtain sensitive information via an invalid topic parameter, which reveals the path in an error message. | 5.0 |
2005-05-12 | CVE-2005-1567 | SQL-Injection vulnerability in Directtopics SQL injection vulnerability in topic.php in DirectTopics 2.1 and 2.2 allows remote attackers to execute arbitrary SQL commands via the topic parameter. | 7.5 |