Vulnerabilities > 2Daybiz > Business Community Script

DATE CVE VULNERABILITY TITLE RISK
2009-05-16 CVE-2009-1652 Permissions, Privileges, and Access Controls vulnerability in 2Daybiz Business Community Script
admin/adminaddeditdetails.php in Business Community Script does not properly restrict access, which allows remote attackers to gain privileges and add administrators via a direct request.
network
low complexity
2daybiz CWE-264
7.5
2009-05-16 CVE-2009-1651 SQL Injection vulnerability in 2Daybiz Business Community Script
SQL injection vulnerability in admin/member_details.php in 2daybiz Business Community Script allows remote attackers to execute arbitrary SQL commands via the mid parameter.
network
low complexity
2daybiz CWE-89
7.5