Vulnerabilities > Justin Hagstrom
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-11-15 | CVE-2007-5984 | Improper Input Validation vulnerability in Justin Hagstrom Autoindex PHP Script classes/Url.php in Justin Hagstrom AutoIndex PHP Script before 2.2.4 allows remote attackers to cause a denial of service (CPU and memory consumption) via a %00 sequence in the dir parameter to index.php, which triggers an erroneous "recursive calculation." | 7.8 |
2007-11-15 | CVE-2007-5983 | Cross-Site Scripting vulnerability in Justin Hagstrom Autoindex PHP Script Cross-site scripting (XSS) vulnerability in index.php in Justin Hagstrom AutoIndex PHP Script before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF). | 4.3 |