RSS   Vulnerabilities for 'Ebrigade'   RSS

2019-09-30
 
CVE-2019-16745

CWE-89
 

 
eBrigade before 5.0 has evenement_choice.php chxCal SQL Injection.

 
 
CVE-2019-16744

CWE-89
 

 
eBrigade before 5.0 has evenements.php cid SQL Injection.

 
 
CVE-2019-16743

CWE-89
 

 
eBrigade before 5.0 has evenement_ical.php evenement SQL Injection.

 
2019-03-07
 
CVE-2019-9622

CWE-22
 

 
eBrigade through 4.5 allows Arbitrary File Download via ../ directory traversal in the showfile.php file parameter, as demonstrated by reading the user-data/save/backup.sql file.

 


Copyright 2024, cxsecurity.com

 

Back to Top