Vulnerabilities (CVE)

Filtered by vendor Justin Hagstrom Subscribe
Filtered by product Autoindex Php Script
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-5984 1 Justin Hagstrom 1 Autoindex Php Script 2024-02-28 7.8 HIGH N/A
classes/Url.php in Justin Hagstrom AutoIndex PHP Script before 2.2.4 allows remote attackers to cause a denial of service (CPU and memory consumption) via a %00 sequence in the dir parameter to index.php, which triggers an erroneous "recursive calculation."
CVE-2007-5983 1 Justin Hagstrom 1 Autoindex Php Script 2024-02-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in index.php in Justin Hagstrom AutoIndex PHP Script before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF).