Textpattern : Security Vulnerabilities, CVEs, (Denial of service)

CVE-2018-1000090

textpattern version version 4.6.2 contains a XML Injection vulnerability in Import XML feature that can result in Denial of service in context to the web server by exhausting server memory resources. This attack appear to be exploitable via Uploading a specially crafted XML file.
Max CVSS
7.8
EPSS Score
0.09%
Published
2018-03-13
Updated
2018-04-13

CVE-2008-5669

index.php in the comments preview section in Textpattern (aka Txp CMS) 4.0.5 allows remote attackers to cause a denial of service via a long message parameter.
Max CVSS
5.0
EPSS Score
1.38%
Published
2008-12-19
Updated
2018-10-11
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close