RSS   Vulnerabilities for 'Powerclan'   RSS

2009-02-23
 
CVE-2009-0707

CWE-89
 

 
SQL injection vulnerability in admin/index.php in PowerClan 1.14a allows remote attackers to execute arbitrary SQL commands via the loginemail parameter (aka login field). NOTE: some of these details are obtained from third party information.

 
2006-12-22
 
CVE-2006-6715

CWE-Other
 

 
PHP remote file inclusion vulnerability in footer.inc.php in PowerClan 1.14a and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the settings[footer] parameter.

 
2006-04-18
 
CVE-2006-1805

CWE-Other
 

 
SQL injection vulnerability in member.php in PowerClan 1.14 allows remote attackers to execute arbitrary SQL commands via the memberid parameter.

 

 >>> Vendor: Powerscripts 5 Products
Plusmail
Powerclan
Powernews
Powerphpboard
Powerbook


Copyright 2024, cxsecurity.com

 

Back to Top