Jam Warehouse Knowledgetree Open Source vulnerabilities
2 known vulnerabilities affecting jam_warehouse/knowledgetree_open_source.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2012-0988P4MEDIUMCVSS 4.3PoCv3.7.0.22012-09-20
CVE-2012-0988 [MEDIUM] CWE-79 CVE-2012-0988: Multiple cross-site scripting (XSS) vulnerabilities in config/dmsDefaults.php in KnowledgeTree 3.7.0
Multiple cross-site scripting (XSS) vulnerabilities in config/dmsDefaults.php in KnowledgeTree 3.7.0.2 and possibly earlier allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) login.php, (2) admin.php, or (3) preferences.php.
nvd
CVE-2006-2886P4MEDIUMCVSS 4.3v3.0.32006-06-07
CVE-2006-2886 [MEDIUM] CVE-2006-2886: view.php in KnowledgeTree Open Source 3.0.3 and earlier allows remote attackers to obtain the full i
view.php in KnowledgeTree Open Source 3.0.3 and earlier allows remote attackers to obtain the full installation path via a crafted fDocumentId parameter, which displays the path in the resulting error message. NOTE: this might be resultant from another vulnerability, since this vector also produces XSS.
nvd