RSS   Vulnerabilities for 'Easy-content forums'   RSS

2006-05-31
 
CVE-2006-2697

CWE-Other
 

 
Multiple SQL injection vulnerabilities in Easy-Content Forums 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) startletter parameter in userview.asp and the (2) forumname parameter in topics.asp.

 
 
CVE-2006-2696

CWE-Other
 

 
Cross-site scripting (XSS) vulnerabilities in Easy-Content Forums 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) startletter parameter in userview.asp and the (2) catid parameter in topics.asp.

 


Copyright 2024, cxsecurity.com

 

Back to Top