Moxiecode Tinymce Compressor Php vulnerabilities
2 known vulnerabilities affecting moxiecode/tinymce_compressor_php.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2005-4600MEDIUMCVSS 6.4PoC≤ 1.052005-12-31
CVE-2005-4600 [MEDIUM] CWE-22 CVE-2005-4600: Directory traversal vulnerability in tiny_mce_gzip.php in TinyMCE Compressor PHP before 1.06 allows
Directory traversal vulnerability in tiny_mce_gzip.php in TinyMCE Compressor PHP before 1.06 allows remote attackers to read or include arbitrary files via a trailing null byte (%00) in the (1) theme, (2) language, (3) plugins, or (4) lang parameter.
nvd
CVE-2005-4599MEDIUMCVSS 4.3≤ 1.052005-12-31
CVE-2005-4599 [MEDIUM] CVE-2005-4599: Cross-site scripting (XSS) vulnerability in tiny_mce_gzip.php in TinyMCE Compressor PHP before 1.06
Cross-site scripting (XSS) vulnerability in tiny_mce_gzip.php in TinyMCE Compressor PHP before 1.06 allows remote attackers to inject arbitrary web script or HTML via the index parameter.
nvd