Vulnerabilities for Riddles (...) - CXSECURITY.COM

Vulnerabilities for 'Riddles'

2009-08-20

CVE-2009-2891

CWE-89

SQL injection vulnerability in list.php in PHP Scripts Now Riddles allows remote attackers to execute arbitrary SQL commands via the catid parameter.

CVE-2009-2890

CWE-79

Cross-site scripting (XSS) vulnerability in results.php in PHP Scripts Now Riddles allows remote attackers to inject arbitrary web script or HTML via the searchquery parameter.

>>> Vendor: Phpscriptsnow 6 Products

World's tallest buildings

Real time currency exchange

Copyright 2024, cxsecurity.com