Vulnerabilities > Greymatter

DATE CVE VULNERABILITY TITLE RISK
2006-03-29 CVE-2006-1485 Unspecified vulnerability in Greymatter
gm-upload.cgi in Greymatter 1.3.1 allows remote authenticated users with upload privileges to execute arbitrary programs by uploading files to locations within the web root.
network
low complexity
greymatter
6.5
2005-09-07 CVE-2005-2816 Cross-Site Scripting vulnerability in Greymatter
Cross-site scripting (XSS) vulnerability in Greymatter allows remote attackers to inject arbitrary web script or HTML via a post comment, which is recorded in a log file but not properly handled when the administrator uses "View Control Panel Log" to read the log file.
network
greymatter
4.3