Vulnerabilities > Beaussier > Roomphplanning > 1.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-04-07 | CVE-2008-6634 | SQL Injection vulnerability in Beaussier Roomphplanning 1.5 SQL injection vulnerability in RoomPHPlanning 1.5 allows remote attackers to execute arbitrary SQL commands via the idroom parameter to weekview.php. | 7.5 |
2009-04-07 | CVE-2008-6633 | SQL Injection vulnerability in Beaussier Roomphplanning 1.5 SQL injection vulnerability in RoomPHPlanning 1.5 allows remote attackers to execute arbitrary SQL commands via the idresa parameter to resaopen.php. | 7.5 |
2008-05-28 | CVE-2008-2488 | Permissions, Privileges, and Access Controls vulnerability in Beaussier Roomphplanning 1.5 admin/userform.php in RoomPHPlanning 1.5 does not require administrative credentials, which allows remote authenticated users to create new admin accounts. | 6.5 |