Extrosoft Thyme vulnerabilities
3 known vulnerabilities affecting extrosoft/thyme.
Total CVEs
3
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2009-0535P3HIGHCVSS 7.5PoCv1.32009-02-11
CVE-2009-0535 [HIGH] CWE-22 CVE-2009-0535: Directory traversal vulnerability in export.php in Thyme 1.3 and earlier, when register_globals is d
Directory traversal vulnerability in export.php in Thyme 1.3 and earlier, when register_globals is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the export_to parameter.
nvd
CVE-2008-6404P4MEDIUMCVSS 4.3PoCv1.32009-03-06
CVE-2008-6404 [MEDIUM] CWE-79 CVE-2008-6404: Cross-site scripting (XSS) vulnerability in add_calendars.php in eXtrovert Software Thyme 1.3 allows
Cross-site scripting (XSS) vulnerability in add_calendars.php in eXtrovert Software Thyme 1.3 allows remote attackers to inject arbitrary web script or HTML via the callback parameter.
nvd
CVE-2006-2117P4MEDIUMCVSS 4.3v1.32006-05-01
CVE-2006-2117 [MEDIUM] CVE-2006-2117: Cross-site scripting (XSS) vulnerability in Thyme 1.3 allows remote attackers to inject arbitrary we
Cross-site scripting (XSS) vulnerability in Thyme 1.3 allows remote attackers to inject arbitrary web script or HTML via the search page.
nvd