Vulnerabilities > Moxiecode > Tinymce Compressor PHP
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-12-31 | CVE-2005-4600 | Path Traversal vulnerability in Moxiecode Tinymce Compressor PHP Directory traversal vulnerability in tiny_mce_gzip.php in TinyMCE Compressor PHP before 1.06 allows remote attackers to read or include arbitrary files via a trailing null byte (%00) in the (1) theme, (2) language, (3) plugins, or (4) lang parameter. | 6.4 |
2005-12-31 | CVE-2005-4599 | Multiple vulnerability in TinyMCE Compressor Cross-site scripting (XSS) vulnerability in tiny_mce_gzip.php in TinyMCE Compressor PHP before 1.06 allows remote attackers to inject arbitrary web script or HTML via the index parameter. network moxiecode | 4.3 |