Fuzzylime: >> Fuzzylime Cms >> 3.01 Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in admin/usercheck.php in fuzzylime (cms) before 3.03 allows remote attackers to inject arbitrary web script or HTML via the user parameter to the login form.
CVSS Score
4.3
EPSS Score
0.081
Published
2008-09-24
Directory traversal vulnerability in blog.php in fuzzylime (cms) 3.01, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter. NOTE: it was later reported that 3.01a is also affected.
CVSS Score
7.6
EPSS Score
0.096
Published
2008-07-14