Websecurity

2 exploits Active since Oct 2007
CVE-2007-5255 EXPLOITDB text WORKING POC
Google Mini Search Appliance 3.4.14 - Cross-Site Scripting via ie Parameter
Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance 3.4.14 allows remote attackers to inject arbitrary web script or HTML via the ie parameter to the /search URI.
CVE-2009-5112 EXPLOITDB text WRITEUP
iwork WebGlimpse <= 2.18.7 - Exposure of Sensitive Information via wgarcmin.cgi
wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to obtain the installation path via a crafted request.