CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2008-1214
https://notcve.org/view.php?id=CVE-2008-1214
08 Mar 2008 — MRcgi/MRProcessIncomingForms.pl in Numara FootPrints 8.1 on Linux allows remote attackers to execute arbitrary code via shell metacharacters in the PROJECTNUM parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. MRcgi/MRProcessIncomingForms.pl en Numara FootPrints 8.1 para Linux permite a atacantes remotos ejecutar código de su elección a través de metacaracteres de consola en el parámetro PROJECTNUM. NOTA: el origen de esta informació... • http://secunia.com/advisories/28659 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2008-1213
https://notcve.org/view.php?id=CVE-2008-1213
08 Mar 2008 — Cross-site scripting (XSS) vulnerability in Numara FootPrints for Linux 8.1 allows remote attackers to inject arbitrary web script or HTML via the Title form field when setting an appointment. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Numara FootPrints para Linux 8.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través del cam... • http://secunia.com/advisories/28659 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •