XM Diary

DATE	CVE	VULNERABILITY TITLE	RISK
2012-07-25	CVE-2012-4061	SQL Injection vulnerability in Asp-Dev XM Diary Multiple SQL injection vulnerabilities in ASP-DEv XM Diary allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to diary_view.asp or (2) view_date parameter to default.asp. network low complexity asp-dev CWE-89	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.