RSS   Podatności dla 'Nmdeluxe'   RSS

2007-08-31
 
CVE-2007-4645

 

 
SQL injection vulnerability in index.php in NMDeluxe 2.0.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a newspost do action, a different vulnerability than CVE-2006-1108.

 
2006-03-09
 
CVE-2006-1108

CWE-Other
 

 
SQL injection vulnerability in news.php in NMDeluxe before 1.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.

 
 
CVE-2006-1107

CWE-Other
 

 
Cross-site scripting (XSS) vulnerability in news.php in NMDeluxe before 1.0.1 allows remote attackers to inject arbitrary web script or HTML via the nick parameter.

 


Copyright 2021, cxsecurity.com

 

Back to Top