Vulnerabilities (CVE)

Filtered by vendor Kplaylist Subscribe
Filtered by product Kplaylist
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-3750 1 Kplaylist 1 Kplaylist 2024-02-04 5.0 MEDIUM N/A
kPlaylist 1.8.502 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by getid3/getid3/write.id3v1.php and certain other files.
CVE-2005-3841 1 Kplaylist 1 Kplaylist 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in kPlaylist 1.6 (build 400), and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the searchfor search parameter.