Vulnerabilities (CVE)

Filtered by vendor Directtopics Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2005-1567 1 Directtopics 1 Directtopics 2024-02-04 7.5 HIGH N/A
SQL injection vulnerability in topic.php in DirectTopics 2.1 and 2.2 allows remote attackers to execute arbitrary SQL commands via the topic parameter.
CVE-2005-1569 1 Directtopics 1 Directtopics 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in DirectTopics 2.1 and 2.2 allows remote attackers to inject arbitrary web script via a javascript: URL in (1) a thread or (2) an IMG tag.
CVE-2005-1568 1 Directtopics 1 Directtopics 2024-02-04 5.0 MEDIUM N/A
topic.php in DirectTopics 2.1 and 2.2 allows remote attackers to obtain sensitive information via an invalid topic parameter, which reveals the path in an error message.