Vulnerability-Lookup

Search criteria

Vendor

Product

Assigner

Sources

Sort by

Order

Apply ordering (override relevance)

CVE-2008-1049 (GCVE-0-2008-1049)

Vulnerability from nvd – Published: 2008-02-27 19:00 – Updated: 2024-08-07 08:08

Summary

Unspecified vulnerability in Parallels SiteStudio before 1.7.2, and 1.8.x before 1.8b, as used in Parallels H-Sphere 3.0 before Patch 9 and 2.5 before Patch 11, has unknown impact and attack vectors.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.psoft.net/misc/hs_ss_technical_update.html	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/28002	vdb-entryx_refsource_BID
	http://secunia.com/advisories/29084	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securitytracker.com/id?1019506	vdb-entryx_refsource_SECTRACK

Date Public ?

2008-02-26 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:08:57.323Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.psoft.net/misc/hs_ss_technical_update.html"
          },
          {
            "name": "28002",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28002"
          },
          {
            "name": "29084",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29084"
          },
          {
            "name": "hsphere-sitestudio-unspecified(40846)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40846"
          },
          {
            "name": "1019506",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019506"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-02-26T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Parallels SiteStudio before 1.7.2, and 1.8.x before 1.8b, as used in Parallels H-Sphere 3.0 before Patch 9 and 2.5 before Patch 11, has unknown impact and attack vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.psoft.net/misc/hs_ss_technical_update.html"
        },
        {
          "name": "28002",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28002"
        },
        {
          "name": "29084",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29084"
        },
        {
          "name": "hsphere-sitestudio-unspecified(40846)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40846"
        },
        {
          "name": "1019506",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019506"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-1049",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Parallels SiteStudio before 1.7.2, and 1.8.x before 1.8b, as used in Parallels H-Sphere 3.0 before Patch 9 and 2.5 before Patch 11, has unknown impact and attack vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.psoft.net/misc/hs_ss_technical_update.html",
              "refsource": "CONFIRM",
              "url": "http://www.psoft.net/misc/hs_ss_technical_update.html"
            },
            {
              "name": "28002",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28002"
            },
            {
              "name": "29084",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29084"
            },
            {
              "name": "hsphere-sitestudio-unspecified(40846)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40846"
            },
            {
              "name": "1019506",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1019506"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-1049",
    "datePublished": "2008-02-27T19:00:00.000Z",
    "dateReserved": "2008-02-27T00:00:00.000Z",
    "dateUpdated": "2024-08-07T08:08:57.323Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-2633 (GCVE-0-2007-2633)

Vulnerability from nvd – Published: 2007-05-13 23:00 – Updated: 2024-08-07 13:42

Summary

Directory traversal vulnerability in H-Sphere SiteStudio 1.6 allows remote attackers to read, or include and execute, arbitrary local files via a .. (dot dot) in the template parameter.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.vupen.com/english/advisories/2007/1772	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/25243	third-party-advisoryx_refsource_SECUNIA
	http://www.psoft.net/SS/fixes/index.php?id=94	x_refsource_CONFIRM
	http://osvdb.org/35977	vdb-entryx_refsource_OSVDB

Date Public ?

2007-05-11 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:42:33.446Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "hsphere-template-directory-traversal(34243)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34243"
          },
          {
            "name": "ADV-2007-1772",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1772"
          },
          {
            "name": "25243",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25243"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.psoft.net/SS/fixes/index.php?id=94"
          },
          {
            "name": "35977",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/35977"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-05-11T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in H-Sphere SiteStudio 1.6 allows remote attackers to read, or include and execute, arbitrary local files via a .. (dot dot) in the template parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "hsphere-template-directory-traversal(34243)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34243"
        },
        {
          "name": "ADV-2007-1772",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1772"
        },
        {
          "name": "25243",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25243"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.psoft.net/SS/fixes/index.php?id=94"
        },
        {
          "name": "35977",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/35977"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-2633",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory traversal vulnerability in H-Sphere SiteStudio 1.6 allows remote attackers to read, or include and execute, arbitrary local files via a .. (dot dot) in the template parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "hsphere-template-directory-traversal(34243)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34243"
            },
            {
              "name": "ADV-2007-1772",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1772"
            },
            {
              "name": "25243",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25243"
            },
            {
              "name": "http://www.psoft.net/SS/fixes/index.php?id=94",
              "refsource": "CONFIRM",
              "url": "http://www.psoft.net/SS/fixes/index.php?id=94"
            },
            {
              "name": "35977",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/35977"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-2633",
    "datePublished": "2007-05-13T23:00:00.000Z",
    "dateReserved": "2007-05-13T00:00:00.000Z",
    "dateUpdated": "2024-08-07T13:42:33.446Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-1605 (GCVE-0-2005-1605)

Vulnerability from nvd – Published: 2005-05-16 04:00 – Updated: 2024-08-07 21:59

Summary

Cross-site scripting (XSS) vulnerability in the guestbook for SiteStudio 1.6 allows remote attackers to inject arbitrary web script or HTML via the name field to (1) psoft.guestbook.GuestBookServ in Standalone Site Studio or (2) E-Guest_sign.pl in Integrated Site Studio with H-Sphere.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://secunia.com/advisories/15286	third-party-advisoryx_refsource_SECUNIA
	http://www.derkeiler.com/Mailing-Lists/Full-Discl…	mailing-listx_refsource_FULLDISC
	http://exploitlabs.com/files/advisories/EXPL-A-20…	x_refsource_MISC
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.psoft.net/misc/hsphere_winbox_security…	x_refsource_CONFIRM
	http://www.osvdb.org/16240	vdb-entryx_refsource_OSVDB
	http://www.securityfocus.com/bid/13554	vdb-entryx_refsource_BID
	http://www.psoft.net/SS/ss_16_security_update_gue…	x_refsource_CONFIRM

Date Public ?

2005-05-09 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:59:23.555Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "15286",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/15286"
          },
          {
            "name": "20050509 SiteStudio",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-05/0154.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://exploitlabs.com/files/advisories/EXPL-A-2005-008-sitestudio.txt"
          },
          {
            "name": "sitestudio-guestbook-xss(20496)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20496"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.psoft.net/misc/hsphere_winbox_security_update_guestbook.html"
          },
          {
            "name": "16240",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/16240"
          },
          {
            "name": "13554",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/13554"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.psoft.net/SS/ss_16_security_update_guestbook.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-05-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in the guestbook for SiteStudio 1.6 allows remote attackers to inject arbitrary web script or HTML via the name field to (1) psoft.guestbook.GuestBookServ in Standalone Site Studio or (2) E-Guest_sign.pl in Integrated Site Studio with H-Sphere."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "15286",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/15286"
        },
        {
          "name": "20050509 SiteStudio",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-05/0154.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://exploitlabs.com/files/advisories/EXPL-A-2005-008-sitestudio.txt"
        },
        {
          "name": "sitestudio-guestbook-xss(20496)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20496"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.psoft.net/misc/hsphere_winbox_security_update_guestbook.html"
        },
        {
          "name": "16240",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/16240"
        },
        {
          "name": "13554",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/13554"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.psoft.net/SS/ss_16_security_update_guestbook.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-1605",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in the guestbook for SiteStudio 1.6 allows remote attackers to inject arbitrary web script or HTML via the name field to (1) psoft.guestbook.GuestBookServ in Standalone Site Studio or (2) E-Guest_sign.pl in Integrated Site Studio with H-Sphere."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "15286",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/15286"
            },
            {
              "name": "20050509 SiteStudio",
              "refsource": "FULLDISC",
              "url": "http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-05/0154.html"
            },
            {
              "name": "http://exploitlabs.com/files/advisories/EXPL-A-2005-008-sitestudio.txt",
              "refsource": "MISC",
              "url": "http://exploitlabs.com/files/advisories/EXPL-A-2005-008-sitestudio.txt"
            },
            {
              "name": "sitestudio-guestbook-xss(20496)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20496"
            },
            {
              "name": "http://www.psoft.net/misc/hsphere_winbox_security_update_guestbook.html",
              "refsource": "CONFIRM",
              "url": "http://www.psoft.net/misc/hsphere_winbox_security_update_guestbook.html"
            },
            {
              "name": "16240",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/16240"
            },
            {
              "name": "13554",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/13554"
            },
            {
              "name": "http://www.psoft.net/SS/ss_16_security_update_guestbook.html",
              "refsource": "CONFIRM",
              "url": "http://www.psoft.net/SS/ss_16_security_update_guestbook.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-1605",
    "datePublished": "2005-05-16T04:00:00.000Z",
    "dateReserved": "2005-05-16T00:00:00.000Z",
    "dateUpdated": "2024-08-07T21:59:23.555Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2008-1049 (GCVE-0-2008-1049)

Vulnerability from cvelistv5 – Published: 2008-02-27 19:00 – Updated: 2024-08-07 08:08

Summary

Unspecified vulnerability in Parallels SiteStudio before 1.7.2, and 1.8.x before 1.8b, as used in Parallels H-Sphere 3.0 before Patch 9 and 2.5 before Patch 11, has unknown impact and attack vectors.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.psoft.net/misc/hs_ss_technical_update.html	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/28002	vdb-entryx_refsource_BID
	http://secunia.com/advisories/29084	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securitytracker.com/id?1019506	vdb-entryx_refsource_SECTRACK

Date Public ?

2008-02-26 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:08:57.323Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.psoft.net/misc/hs_ss_technical_update.html"
          },
          {
            "name": "28002",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28002"
          },
          {
            "name": "29084",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29084"
          },
          {
            "name": "hsphere-sitestudio-unspecified(40846)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40846"
          },
          {
            "name": "1019506",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019506"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-02-26T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Parallels SiteStudio before 1.7.2, and 1.8.x before 1.8b, as used in Parallels H-Sphere 3.0 before Patch 9 and 2.5 before Patch 11, has unknown impact and attack vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.psoft.net/misc/hs_ss_technical_update.html"
        },
        {
          "name": "28002",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28002"
        },
        {
          "name": "29084",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29084"
        },
        {
          "name": "hsphere-sitestudio-unspecified(40846)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40846"
        },
        {
          "name": "1019506",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019506"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-1049",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Parallels SiteStudio before 1.7.2, and 1.8.x before 1.8b, as used in Parallels H-Sphere 3.0 before Patch 9 and 2.5 before Patch 11, has unknown impact and attack vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.psoft.net/misc/hs_ss_technical_update.html",
              "refsource": "CONFIRM",
              "url": "http://www.psoft.net/misc/hs_ss_technical_update.html"
            },
            {
              "name": "28002",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28002"
            },
            {
              "name": "29084",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29084"
            },
            {
              "name": "hsphere-sitestudio-unspecified(40846)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40846"
            },
            {
              "name": "1019506",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1019506"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-1049",
    "datePublished": "2008-02-27T19:00:00.000Z",
    "dateReserved": "2008-02-27T00:00:00.000Z",
    "dateUpdated": "2024-08-07T08:08:57.323Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-2633 (GCVE-0-2007-2633)

Vulnerability from cvelistv5 – Published: 2007-05-13 23:00 – Updated: 2024-08-07 13:42

Summary

Directory traversal vulnerability in H-Sphere SiteStudio 1.6 allows remote attackers to read, or include and execute, arbitrary local files via a .. (dot dot) in the template parameter.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.vupen.com/english/advisories/2007/1772	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/25243	third-party-advisoryx_refsource_SECUNIA
	http://www.psoft.net/SS/fixes/index.php?id=94	x_refsource_CONFIRM
	http://osvdb.org/35977	vdb-entryx_refsource_OSVDB

Date Public ?

2007-05-11 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:42:33.446Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "hsphere-template-directory-traversal(34243)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34243"
          },
          {
            "name": "ADV-2007-1772",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1772"
          },
          {
            "name": "25243",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25243"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.psoft.net/SS/fixes/index.php?id=94"
          },
          {
            "name": "35977",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/35977"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-05-11T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in H-Sphere SiteStudio 1.6 allows remote attackers to read, or include and execute, arbitrary local files via a .. (dot dot) in the template parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "hsphere-template-directory-traversal(34243)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34243"
        },
        {
          "name": "ADV-2007-1772",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1772"
        },
        {
          "name": "25243",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25243"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.psoft.net/SS/fixes/index.php?id=94"
        },
        {
          "name": "35977",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/35977"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-2633",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory traversal vulnerability in H-Sphere SiteStudio 1.6 allows remote attackers to read, or include and execute, arbitrary local files via a .. (dot dot) in the template parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "hsphere-template-directory-traversal(34243)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34243"
            },
            {
              "name": "ADV-2007-1772",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1772"
            },
            {
              "name": "25243",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25243"
            },
            {
              "name": "http://www.psoft.net/SS/fixes/index.php?id=94",
              "refsource": "CONFIRM",
              "url": "http://www.psoft.net/SS/fixes/index.php?id=94"
            },
            {
              "name": "35977",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/35977"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-2633",
    "datePublished": "2007-05-13T23:00:00.000Z",
    "dateReserved": "2007-05-13T00:00:00.000Z",
    "dateUpdated": "2024-08-07T13:42:33.446Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-1605 (GCVE-0-2005-1605)

Vulnerability from cvelistv5 – Published: 2005-05-16 04:00 – Updated: 2024-08-07 21:59

Summary

Cross-site scripting (XSS) vulnerability in the guestbook for SiteStudio 1.6 allows remote attackers to inject arbitrary web script or HTML via the name field to (1) psoft.guestbook.GuestBookServ in Standalone Site Studio or (2) E-Guest_sign.pl in Integrated Site Studio with H-Sphere.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://secunia.com/advisories/15286	third-party-advisoryx_refsource_SECUNIA
	http://www.derkeiler.com/Mailing-Lists/Full-Discl…	mailing-listx_refsource_FULLDISC
	http://exploitlabs.com/files/advisories/EXPL-A-20…	x_refsource_MISC
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.psoft.net/misc/hsphere_winbox_security…	x_refsource_CONFIRM
	http://www.osvdb.org/16240	vdb-entryx_refsource_OSVDB
	http://www.securityfocus.com/bid/13554	vdb-entryx_refsource_BID
	http://www.psoft.net/SS/ss_16_security_update_gue…	x_refsource_CONFIRM

Date Public ?

2005-05-09 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:59:23.555Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "15286",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/15286"
          },
          {
            "name": "20050509 SiteStudio",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-05/0154.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://exploitlabs.com/files/advisories/EXPL-A-2005-008-sitestudio.txt"
          },
          {
            "name": "sitestudio-guestbook-xss(20496)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20496"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.psoft.net/misc/hsphere_winbox_security_update_guestbook.html"
          },
          {
            "name": "16240",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/16240"
          },
          {
            "name": "13554",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/13554"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.psoft.net/SS/ss_16_security_update_guestbook.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-05-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in the guestbook for SiteStudio 1.6 allows remote attackers to inject arbitrary web script or HTML via the name field to (1) psoft.guestbook.GuestBookServ in Standalone Site Studio or (2) E-Guest_sign.pl in Integrated Site Studio with H-Sphere."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "15286",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/15286"
        },
        {
          "name": "20050509 SiteStudio",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-05/0154.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://exploitlabs.com/files/advisories/EXPL-A-2005-008-sitestudio.txt"
        },
        {
          "name": "sitestudio-guestbook-xss(20496)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20496"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.psoft.net/misc/hsphere_winbox_security_update_guestbook.html"
        },
        {
          "name": "16240",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/16240"
        },
        {
          "name": "13554",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/13554"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.psoft.net/SS/ss_16_security_update_guestbook.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-1605",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in the guestbook for SiteStudio 1.6 allows remote attackers to inject arbitrary web script or HTML via the name field to (1) psoft.guestbook.GuestBookServ in Standalone Site Studio or (2) E-Guest_sign.pl in Integrated Site Studio with H-Sphere."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "15286",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/15286"
            },
            {
              "name": "20050509 SiteStudio",
              "refsource": "FULLDISC",
              "url": "http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-05/0154.html"
            },
            {
              "name": "http://exploitlabs.com/files/advisories/EXPL-A-2005-008-sitestudio.txt",
              "refsource": "MISC",
              "url": "http://exploitlabs.com/files/advisories/EXPL-A-2005-008-sitestudio.txt"
            },
            {
              "name": "sitestudio-guestbook-xss(20496)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20496"
            },
            {
              "name": "http://www.psoft.net/misc/hsphere_winbox_security_update_guestbook.html",
              "refsource": "CONFIRM",
              "url": "http://www.psoft.net/misc/hsphere_winbox_security_update_guestbook.html"
            },
            {
              "name": "16240",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/16240"
            },
            {
              "name": "13554",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/13554"
            },
            {
              "name": "http://www.psoft.net/SS/ss_16_security_update_guestbook.html",
              "refsource": "CONFIRM",
              "url": "http://www.psoft.net/SS/ss_16_security_update_guestbook.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-1605",
    "datePublished": "2005-05-16T04:00:00.000Z",
    "dateReserved": "2005-05-16T00:00:00.000Z",
    "dateUpdated": "2024-08-07T21:59:23.555Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Search criteria

6 vulnerabilities found for sitestudio by positive_software

CVE-2008-1049 (GCVE-0-2008-1049)

CVE-2007-2633 (GCVE-0-2007-2633)

CVE-2005-1605 (GCVE-0-2005-1605)

CVE-2008-1049 (GCVE-0-2008-1049)

CVE-2007-2633 (GCVE-0-2007-2633)

CVE-2005-1605 (GCVE-0-2005-1605)