RSS   Vulnerabilities for 'Polypager'   RSS

2008-08-06
 
CVE-2008-3506

CWE-89
 

 
SQL injection vulnerability in PolyPager 1.0 rc2 and earlier allows remote attackers to execute arbitrary SQL commands via the nr parameter to the default URI.

 
 
CVE-2008-3505

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in PolyPager 1.0 rc2 and earlier allows remote attackers to inject arbitrary web script or HTML via the nr parameter to the default URI.

 


Copyright 2024, cxsecurity.com

 

Back to Top