CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Moxiecode: >> Tinymce Compressor Php Security Vulnerabilities

CVE-2005-4599

Cross-site scripting (XSS) vulnerability in tiny_mce_gzip.php in TinyMCE Compressor PHP before 1.06 allows remote attackers to inject arbitrary web script or HTML via the index parameter.

CVSS Score

4.3

EPSS Score

0.009

Published

2005-12-31

CVE-2005-4600

Directory traversal vulnerability in tiny_mce_gzip.php in TinyMCE Compressor PHP before 1.06 allows remote attackers to read or include arbitrary files via a trailing null byte (%00) in the (1) theme, (2) language, (3) plugins, or (4) lang parameter.

CVSS Score

6.4

EPSS Score

0.124

Published

2005-12-31

Page 1

Vulnerabilities

Vulnerable Software

Moxiecode: >> Tinymce Compressor Php Security Vulnerabilities

Products

Pricing

Contact Us