Vulnerabilities > 2Daybiz > Business Community Script > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-05-16 | CVE-2009-1652 | Permissions, Privileges, and Access Controls vulnerability in 2Daybiz Business Community Script admin/adminaddeditdetails.php in Business Community Script does not properly restrict access, which allows remote attackers to gain privileges and add administrators via a direct request. | 7.5 |
| 2009-05-16 | CVE-2009-1651 | SQL Injection vulnerability in 2Daybiz Business Community Script SQL injection vulnerability in admin/member_details.php in 2daybiz Business Community Script allows remote attackers to execute arbitrary SQL commands via the mid parameter. | 7.5 |