Vulnerabilities > Guppy > Guppy > 4.6.3

DATE CVE VULNERABILITY TITLE RISK
2014-02-06 CVE-2013-5983 Cross-Site Scripting vulnerability in Guppy
Multiple cross-site scripting (XSS) vulnerabilities in GuppY before 4.6.28 allow remote attackers to inject arbitrary web script or HTML via the (1) "an" parameter to agenda.php or (2) cat parameter to mobile/thread.php.
network
guppy CWE-79
4.3
4.3
2007-11-06 CVE-2007-5845 Code Injection vulnerability in Guppy 4.6.3
Directory traversal vulnerability in error.php in GuppY 4.6.3, 4.5.16, and earlier allows remote attackers to include and execute arbitrary local files via a ..
network
low complexity
guppy CWE-94
7.5
7.5
2007-11-06 CVE-2007-5844 Path Traversal vulnerability in Guppy 4.6.3
Directory traversal vulnerability in inc/includes.inc in GuppY 4.6.3 allows remote attackers to include and execute arbitrary local files via a ..
network
low complexity
guppy CWE-22
7.5
7.5