Electrictoad Snippetmaster Webpage Editor vulnerabilities
2 known vulnerabilities affecting electrictoad/snippetmaster_webpage_editor.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2009-0530P3MEDIUMCVSS 6.8PoCv2.2.22009-02-11
CVE-2009-0530 [MEDIUM] CWE-94 CVE-2009-0530: Multiple PHP remote file inclusion vulnerabilities in SnippetMaster 2.2.2, when register_globals is
Multiple PHP remote file inclusion vulnerabilities in SnippetMaster 2.2.2, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) _SESSION[SCRIPT_PATH] parameter to includes/vars.inc.php and the (2) g_pcltar_lib_dir parameter to includes/tar_lib/pcltar.lib.php.
nvd
CVE-2009-0529P4MEDIUMCVSS 4.3PoCv2.2.22009-02-11
CVE-2009-0529 [MEDIUM] CWE-79 CVE-2009-0529: Cross-site scripting (XSS) vulnerability in index.php in SnippetMaster Webpage Editor 2.2.2 allows r
Cross-site scripting (XSS) vulnerability in index.php in SnippetMaster Webpage Editor 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the language parameter.
nvd