CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

L0j1k: >> Tinymuw Security Vulnerabilities

CVE-2006-2969

Cross-site scripting (XSS) vulnerability in L0j1k tinyMuw 0.1.0 allow remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element in the input box in quickchat.php, and possibly other manipulations.

CVSS Score

4.3

EPSS Score

0.005

Published

2006-06-12

CVE-2006-2970

videoPage.php in L0j1k tinyMuw 0.1.0 allows remote attackers to obtain sensitive information via a certain id parameter, probably with an invalid value, which reveals the path in an error message.

CVSS Score

5.0

EPSS Score

0.004

Published

2006-06-12

Page 1

Vulnerabilities

Vulnerable Software

L0j1k: >> Tinymuw Security Vulnerabilities

Products

Pricing

Contact Us