Identifier
|
Related Record |
Severity
|
Date Published
|
Description | Versions Affected |
---|---|---|---|---|---|
CVE-2010-4608 | Dec 29, 2010 | Habari 0.6.5 allows remote attackers to obtain sensitive information via a direct request to (1) header.php and (2) comments_items.php in system/admin/ more... |
0.6.5
|
||
CVE-2010-4607 | Dec 29, 2010 | Multiple cross-site scripting (XSS) vulnerabilities in Habari 0.6.5, when register_globals is enabled, allow remote attackers to inject arbitrary web s more... |
0.6.5
|
||
BDSA-2016-0830 | High | Nov 02, 2017 | Habari CMS is vulnerable to persistent cross-site scripting (*XSS*). This is due to the `name` parameter in the `comments` module not being sufficient more... |