Vulnerabilities > Phpgedview > Phpgedview > 4.1.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-05-02 | CVE-2008-2064 | Remote vulnerability in PhpGedView Multiple unspecified vulnerabilities in PhpGedView before 4.1.5 have unknown impact and attack vectors related to "a fundamental design flaw in the interface (API) to connect phpGedView with external programs like content management systems." | 10.0 |
2007-09-24 | CVE-2007-5051 | Cross-Site Scripting vulnerability in PHPgedview 4.1.1 Multiple cross-site scripting (XSS) vulnerabilities in PhpGedView 4.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) box_width, (2) PEDIGREE_GENERATIONS, and (3) rootid parameters in ancestry.php, and the (4) newpid parameter in timeline.php. | 4.3 |