Multiple absolute path traversal vulnerabilities in EditTag 1.2 allow remote attackers to read arbitrary files via an absolute pathname in the file parameter to (1) edittag.cgi, (2) edittag.pl, (3) edittag_mp.cgi, or (4) edittag_mp.pl.
Max CVSS
4.3
EPSS Score
2.96%
Published
2007-01-09
Updated
2018-10-16
Multiple cross-site scripting (XSS) vulnerabilities in EditTag 1.2 allow remote attackers to inject arbitrary web script or HTML via the plain parameter to (1) mkpw_mp.cgi, (2) mkpw.pl, or (3) mkpw.cgi.
Max CVSS
6.8
EPSS Score
3.87%
Published
2007-01-09
Updated
2018-10-16
2 vulnerabilities found