Vulnerabilities > Phpweather

DATE CVE VULNERABILITY TITLE RISK
2008-12-30 CVE-2008-5771 Path Traversal vulnerability in PHPweather 2.2.2
Directory traversal vulnerability in test.php in PHP Weather 2.2.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the language parameter.
network
low complexity
phpweather CWE-22
7.5
2008-12-30 CVE-2008-5770 Cross-Site Scripting vulnerability in PHPweather 2.2.2
Cross-site scripting (XSS) vulnerability in config/make_config.php in PHP Weather 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
network
phpweather CWE-79
4.3