Vulnerabilities > Bananadance
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-10-21 | CVE-2012-5243 | Permissions, Privileges, and Access Controls vulnerability in Bananadance Banana Dance 0.9/1.5 functions/suggest.php in Banana Dance B.2.6 and earlier allows remote attackers to read arbitrary database information via a crafted request. | 5.0 |
2014-10-21 | CVE-2012-5242 | Path Traversal vulnerability in Bananadance Banana Dance 0.9/1.5 Directory traversal vulnerability in functions/suggest.php in Banana Dance B.2.6 and earlier allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2014-10-20 | CVE-2012-5244 | SQL Injection vulnerability in Bananadance Banana Dance 0.9/1.5 Multiple SQL injection vulnerabilities in Banana Dance B.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) return, (2) display, (3) table, or (4) search parameter to functions/suggest.php; (5) the id parameter to functions/widgets.php, (6) the category parameter to functions/print.php; or (7) the name parameter to functions/ajax.php. | 7.5 |