RSS   Vulnerabilities for 'Phpgiftreg'   RSS

2005-01-17
 
CVE-2005-0292

 

 
Multiple SQL injection vulnerabilities in index.php in PHP Gift Registry (phpGiftReg) 1.4.0, and possibly other versions before 1.5.0b1, allow remote attackers to execute arbitrary SQL commands via the (1) messageid, (2) shopper, (3) shopfor, or (4) itemid parameters.

 
2004-12-31
 
CVE-2004-2484

 

 
Cross-site scripting (XSS) vulnerability in PHP Gift Registry 1.3.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the message parameter to (1) event.php or (2) index.php.

 


Copyright 2024, cxsecurity.com

 

Back to Top