RSS   Vulnerabilities for 'Messageriescripthp'   RSS

2006-12-13
 
CVE-2006-6521

CWE-Other
 

 
SQL injection vulnerability in lire-avis.php in Messageriescripthp 2.0 allows remote attackers to execute arbitrary SQL commands via the aa parameter.

 
 
CVE-2006-6520

CWE-Other
 

 
Multiple cross-site scripting (XSS) vulnerabilities in Messageriescripthp 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) pseudo parameter to (a) existepseudo.php, the (2) email parameter to (b) existeemail.php, or the (3) pageName or (4) cssform parameter to (c) Contact/contact.php.

 

 >>> Vendor: Scriptphp 4 Products
Annoncescripthp
Pronews
Messageriescripthp
Picengine


Copyright 2024, cxsecurity.com

 

Back to Top