RSS   Vulnerabilities for 'Pfile'   RSS

2012-02-24
 
CVE-2012-1211

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in pfile/kommentar.php in Powie pFile 1.02 allows remote attackers to inject arbitrary web script or HTML via the filecat parameter.

 
 
CVE-2012-1210

CWE-89
 

 
SQL injection vulnerability in pfile/file.php in Powie pFile 1.02 allows remote attackers to execute arbitrary SQL commands via the id parameter.

 

 >>> Vendor: Powie 7 Products
Pforum
Pnews
Php matchmaker
PSYS
Plink
Pfile
PGB


Copyright 2024, cxsecurity.com

 

Back to Top