Vulnerabilities > Almnzm

DATE CVE VULNERABILITY TITLE RISK
2011-11-23 CVE-2010-5055 SQL Injection vulnerability in Almnzm 2.1
SQL injection vulnerability in index.php in Almnzm 2.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
network
low complexity
almnzm CWE-89
7.5
2007-06-11 CVE-2007-3173 Information Disclosure vulnerability in almnzm
Almnzm allows remote attackers to obtain sensitive information via an activateorder request to index.php with an invalid orderid parameter, probably related to '[' and ']' characters.
network
low complexity
almnzm
5.0