Vulnerabilities > Phpweather
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-12-30 | CVE-2008-5771 | Path Traversal vulnerability in PHPweather 2.2.2 Directory traversal vulnerability in test.php in PHP Weather 2.2.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the language parameter. | 7.5 |
2008-12-30 | CVE-2008-5770 | Cross-Site Scripting vulnerability in PHPweather 2.2.2 Cross-site scripting (XSS) vulnerability in config/make_config.php in PHP Weather 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. | 4.3 |