| Max CVSS | 6.8 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-5670 | 6.8 |
Textpattern (aka Txp CMS) 4.0.5 does not ask for the old password during a password reset, which makes it easier for remote attackers to change a password after hijacking a session.
|
11-10-2018 - 20:56 | 19-12-2008 - 01:52 | |
| CVE-2008-5669 | 5.0 |
index.php in the comments preview section in Textpattern (aka Txp CMS) 4.0.5 allows remote attackers to cause a denial of service via a long message parameter.
|
11-10-2018 - 20:56 | 19-12-2008 - 01:52 | |
| CVE-2008-5757 | 3.5 |
Cross-site scripting (XSS) vulnerability in textarea/index.php in Textpattern (aka Txp CMS) 4.0.6 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the Body parameter in an article action. NOTE: some of these d
|
11-10-2018 - 20:56 | 30-12-2008 - 19:30 | |
| CVE-2008-5668 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Textpattern (aka Txp CMS) 4.0.5 allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to setup/index.php or (2) the name parameter to index.php in the comments previ
|
11-10-2018 - 20:56 | 19-12-2008 - 01:52 |