RSS   Vulnerabilities for 'Iwebnegar'   RSS

2006-08-31
 
CVE-2006-4497

CWE-Other
 

 
SQL injection vulnerability in comments.php in IwebNegar 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.

 
 
CVE-2006-4496

CWE-Other
 

 
Cross-site scripting (XSS) vulnerability in comments.php in IwebNegar 1.1 allows remote attackers to inject arbitrary web script or HTML via the comment parameter.

 
2004-12-31
 
CVE-2004-1402

 

 
SQL injection vulnerability in iWebNegar allows remote attackers to execute arbitrary SQL commands via (1) the string parameter for index.php, (2) comments.php, or (3) the administrator login page.

 


Copyright 2024, cxsecurity.com

 

Back to Top