Ramoncastro Siestta vulnerabilities
2 known vulnerabilities affecting ramoncastro/siestta.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2010-1710P3MEDIUMCVSS 6.8PoCv2.02010-05-04
CVE-2010-1710 [MEDIUM] CWE-22 CVE-2010-1710: Directory traversal vulnerability in login.php in Siestta 2.0, when register_globals is enabled, all
Directory traversal vulnerability in login.php in Siestta 2.0, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the idioma parameter.
nvd
CVE-2010-1711P4MEDIUMCVSS 4.3PoCv2.02010-05-04
CVE-2010-1711 [MEDIUM] CWE-79 CVE-2010-1711: Cross-site scripting (XSS) vulnerability in carga_foto_al.php in Siestta 2.0, when register_globals
Cross-site scripting (XSS) vulnerability in carga_foto_al.php in Siestta 2.0, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the usuario parameter.
nvd