Code injection

2008-12-1901:52:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

High

0.014 Low

EPSS

Percentile

86.3%

JSON

index.php in the comments preview section in Textpattern (aka Txp CMS) 4.0.5 allows remote attackers to cause a denial of service via a long message parameter.

CPENameOperatorVersion
textpatterneq4.0.5

CPE	Name	Operator	Version
	textpattern	eq	4.0.5

References

secunia.com/advisories/28793

securityreason.com/securityalert/4786

www.securityfocus.com/archive/1/487483/100/200/threaded

www.securityfocus.com/bid/27606

textpattern.com/weblog/310/textpattern-406-released