Vulnerabilities > F3Site
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-02-06 | CVE-2007-0764 | File-Upload vulnerability in F3Site 2.1 Unrestricted file upload vulnerability in F3Site 2.1 and earlier allows remote authenticated administrators to upload and execute arbitrary PHP scripts via GIF86 header in a file in the uplf parameter, which can be later accessed via a relative pathname in the dir parameter in adm.php. | 6.5 |
2007-02-06 | CVE-2007-0763 | HTML Injection vulnerability in F3Site 2.1 Cross-site scripting (XSS) vulnerability in the news comment functionality in F3Site 2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the Autor field. network f3site | 6.8 |