Vulnerabilities for Scratcher (...) - CXSECURITY.COM

Vulnerabilities for 'Scratcher'

2010-05-06

CVE-2010-1743

CWE-89

SQL injection vulnerability in projects.php in Scratcher allows remote attackers to execute arbitrary SQL commands via the id parameter.

CVE-2010-1742

CWE-79

Cross-site scripting (XSS) vulnerability in projects.php in Scratcher allows remote attackers to inject arbitrary web script or HTML via the show parameter.

Copyright 2024, cxsecurity.com