CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Nusoftware: >> Nubuilder >> 09.06.10 Security Vulnerabilities

CVE-2010-2849

Cross-site scripting (XSS) vulnerability in productionnu2/nuedit.php in nuBuilder 10.04.20, and possibly other versions before 10.07.12, allows remote attackers to inject arbitrary web script or HTML via the f parameter.

CVSS Score

4.3

EPSS Score

0.007

Published

2010-07-25

CVE-2010-2850

Directory traversal vulnerability in productionnu2/fileuploader.php in nuBuilder 10.04.20, and possibly other versions before 10.07.12, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the dir parameter.

CVSS Score

6.8

EPSS Score

0.064

Published

2010-07-25

Page 1

Vulnerabilities

Vulnerable Software

Nusoftware: >> Nubuilder >> 09.06.10 Security Vulnerabilities

Products

Pricing

Contact Us