RSS   Vulnerabilities for 'Redcms'   RSS

2006-03-31
 
CVE-2006-1569

CWE-Other
 

 
Multiple SQL injection vulnerabilities in RedCMS 0.1 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters to (a) login.php or (b) register.php; or (3) u parameter to (c) profile.php.

 
 
CVE-2006-1568

CWE-Other
 

 
Multiple cross-site scripting (XSS) vulnerabilities in register.php in RedCMS 0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) email, (2) location, or (3) website parameters.

 


Copyright 2024, cxsecurity.com

 

Back to Top