Vulnerabilities > Benjamin Curtis
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-06-01 | CVE-2009-1851 | SQL Injection vulnerability in Benjamin Curtis PHPbugtracker SQL injection vulnerability in include.php in phpBugTracker 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
2009-06-01 | CVE-2009-1850 | SQL Injection vulnerability in Benjamin Curtis PHPbugtracker 1.0.3 SQL injection vulnerability in index.php in phpBugTracker 1.0.3 allows remote attackers to execute arbitrary SQL commands via the password parameter. | 7.5 |
2004-12-31 | CVE-2004-1519 | SQL-Injection vulnerability in phpBugTracker SQL injection vulnerability in bug.php in phpBugTracker 0.9.1 allows remote attackers to execute arbitrary SQL commands via (1) the bug_id parameter in a viewvotes operation or (2) the project parameter in an add operation. | 7.5 |