Vulnerabilities > Globalmegacorp > Phpchain
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-05-14 | CVE-2007-2670 | Cross-Site Scripting vulnerability in PHPChain PHPChain 1.0 and earlier allows remote attackers to obtain the installation path via invalid values of the catid parameter to (1) settings.php or (2) cat.php, as demonstrated by XSS manipulations. network globalmegacorp | 4.3 |
2007-05-14 | CVE-2007-2669 | Cross-Site Scripting vulnerability in PHPChain Multiple cross-site scripting (XSS) vulnerabilities in PHPChain 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the catid parameter to (1) settings.php or (2) cat.php. network globalmegacorp | 4.3 |