RSS   Podatności dla 'Gregarius'   RSS

2008-07-30
 
CVE-2008-3374

CWE-89
 

 
SQL injection vulnerability in ajax.php in Gregarius 0.5.4 and earlier allows remote attackers to execute arbitrary SQL commands via the rsargs array parameter in an __exp__getFeedContent action.

 
2006-03-07
 
CVE-2006-1042

CWE-Other
 

 
Multiple SQL injection vulnerabilities in Gregarius 0.5.2 allow remote attackers to execute arbitrary SQL commands via the (1) folder parameter to feed.php or (2) rss_query parameter to search.php.

 
 
CVE-2006-1041

CWE-Other
 

 
Multiple cross-site scripting (XSS) vulnerabilities in Gregarius 0.5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) rss_query parameter to search.php or (2) tag parameter to tags.php.

 


Copyright 2024, cxsecurity.com

 

Back to Top