RSS   Vulnerabilities for 'Radnics'   RSS

2010-03-10
 
CVE-2009-4697

CWE-79
 

 
Multiple cross-site scripting (XSS) vulnerabilities in index.php in RadNICS Gold 5 allow remote attackers to inject arbitrary web script or HTML via the (1) order parameter in a ulist action and the (2) fid parameter in a view_forum action.

 
 
CVE-2009-4696

CWE-89
 

 
SQL injection vulnerability in index.php in RadNICS Gold 5 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a view_forum action.

 

 >>> Vendor: Radscripts 4 Products
Radbids
Radlance
Radclassifieds
Radnics


Copyright 2024, cxsecurity.com

 

Back to Top