This page aggregates publicly disclosed CVE and security risk information related to includer.cgi, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2005-1356 | Cross-site scripting (XSS) vulnerability in includer.cgi script in The Includer allows remote attackers to inject arbitrary web script or HTML via the argument. | [email protected] | 4.3 | 0.95% | 2005-05-02 | 2026-04-16 |
| CVE-2005-1355 | includer.cgi in The Includer allows remote attackers to read arbitrary files via a full pathname in the argument, a similar vulnerability to CVE-2005-0801. | [email protected] | 5.0 | 1.19% | 2005-05-02 | 2026-04-16 |
| CVE-2005-0801 | Directory traversal vulnerability in includer.cgi in The Includer allows remote attackers to read arbitrary files via (1) a .. (dot dot) or (2) a full pathname in the URL. | [email protected] | 5.0 | 1.47% | 2005-05-02 | 2026-04-16 |