RSS   Vulnerabilities for 'Mlffat'   RSS

2009-07-24
 
CVE-2009-2585

 

 
SQL injection vulnerability in index.php in Mlffat 2.2 allows remote attackers to execute arbitrary SQL commands via a member cookie in an account editprofile action, a different vector than CVE-2009-1731.

 
2009-05-20
 
CVE-2009-1731

CWE-89
 

 
SQL injection vulnerability in panel/index.php in MLFFAT 2.1 allows remote attackers to execute arbitrary SQL commands via a base64-encoded supervisor cookie.

 


Copyright 2024, cxsecurity.com

 

Back to Top