tdiary 漏洞與 CVE 列表(4)

產品(CPE): — CVE 數: 4

tdiary 漏洞概覽

彙總 tdiary 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。

歷史漏洞主要涉及 跨站腳本與輸入驗證問題 等問題,部分漏洞可能導致 異常行為,並影響 軟體部署與生產負載 相關場景。

相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。

漏洞分布趨勢(近 24 個月)

顯示 144 CVE 數
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2010-0726 Cross-site scripting (XSS) vulnerability in the tb-send.rb (TrackBack transmission) plugin in tDiary 2.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors, possibly related to the (1) plugin_tb_url and (2) plugin_tb_excerpt parameters. [email protected] 4.3 1.98% 2010-03-02 2026-06-16
CVE-2006-6852 Eval injection vulnerability in tDiary 2.0.3 and 2.1.4.200 61127 allows remote authenticated users to execute arbitrary Ruby code via unspecified vectors, possibly related to incorrect input validation by (1) conf.rhtml and (2) i.conf.rhtml. NOTE: some of these details are obtained from third party information. [email protected] 6.0 0.98% 2006-12-31 2026-06-16
CVE-2006-6174 Cross-site scripting (XSS) vulnerability in tDiary before 2.0.3 and 2.1.x before 2.1.4.20061126 allows remote attackers to inject arbitrary web script or HTML via the conf parameter in (1) tdiary.rb and (2) skel/conf.rhtml. [email protected] 4.3 1.56% 2006-11-30 2026-06-16
CVE-2005-2411 Cross-Site Request Forgery (CSRF) vulnerability in tDiary 2.1.1, and tDiary 2.0.1 and earlier, allows remote attackers to conduct actions as another user, and execute commands on the server, via a URL that is activated by the user. [email protected] 5.1 1.91% 2005-08-01 2026-06-16
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
cvelogic Threat Intelligence