RSS   Podatności dla
'Unobtrusive ajax star rating bar'
   RSS

2007-07-11
 
CVE-2007-3686

 

 
CRLF injection vulnerability in db.php in Unobtrusive Ajax Star Rating Bar before 1.2.0 allows remote attackers to inject arbitrary HTTP headers and data via CRLF sequences in the HTTP_REFERER parameter.

 
 
CVE-2007-3685

 

 
Cross-site scripting (XSS) vulnerability in rpc.php in Unobtrusive Ajax Star Rating Bar before 1.2.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter.

 
 
CVE-2007-3684

 

 
Multiple SQL injection vulnerabilities in Unobtrusive Ajax Star Rating Bar before 1.2.0 allow remote attackers to execute arbitrary SQL commands via the (1) q and (2) t parameters in (a) db.php and (b) rpc.php.

 


Copyright 2020, cxsecurity.com

 

Back to Top