Open Source Development Network » Slashcode : Security Vulnerabilities, CVEs, CVSS score >= 6
Unknown vulnerability in Slash 2.1.x and 2.2 through 2.2.2, as used in Slashcode, allows remote authenticated users to gain access to arbitrary accounts.
Max CVSS
7.2
EPSS Score
0.22%
Published
2002-12-31
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in Slashcode CVS releases June 17 through July 1 2002 allows remote attackers to execute arbitrary script as other users by injecting script into the paragraph <P> tag.
Max CVSS
6.8
EPSS Score
0.53%
Published
2002-12-31
Updated
2017-07-11
The default configuration of Slashcode before version 2.0 Alpha has a default administrative password, which allows remote attackers to gain Slashcode privileges and possibly execute arbitrary commands.
Max CVSS
7.5
EPSS Score
0.53%
Published
2000-12-11
Updated
2017-12-19
3 vulnerabilities found