RSS   Vulnerabilities for 'Free simple software'   RSS

2010-11-26
 
CVE-2010-4311

CWE-310
 

 
Free Simple Software 1.0 stores passwords in cleartext, which allows context-dependent attackers to obtain sensitive information.

 
 
CVE-2010-4298

CWE-89
 

 
SQL injection vulnerability in the download module in Free Simple Software 1.0 allows remote attackers to execute arbitrary SQL commands via the downloads_id parameter in a download_now action to index.php.

 

 >>> Vendor: Dustincowell 2 Products
Free simple cms
Free simple software


Copyright 2024, cxsecurity.com

 

Back to Top