Vulnerabilities > Benjamin Curtis > Phpbugtracker > 1.0.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-06-01 | CVE-2009-1851 | SQL Injection vulnerability in Benjamin Curtis PHPbugtracker SQL injection vulnerability in include.php in phpBugTracker 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
| 2009-06-01 | CVE-2009-1850 | SQL Injection vulnerability in Benjamin Curtis PHPbugtracker 1.0.3 SQL injection vulnerability in index.php in phpBugTracker 1.0.3 allows remote attackers to execute arbitrary SQL commands via the password parameter. | 7.5 |