Vulnerabilities > BOB Jewell

DATE CVE VULNERABILITY TITLE RISK
2010-03-18 CVE-2009-4719 SQL Injection vulnerability in BOB Jewell Discloser 0.0.4
SQL injection vulnerability in index.php in Discloser 0.0.4 rc2 allows remote attackers to execute arbitrary SQL commands via the more parameter.
network
low complexity
bob-jewell CWE-89
7.5
2006-08-17 CVE-2006-4207 Remote File Include vulnerability in Discloser
Multiple PHP remote file inclusion vulnerabilities in Bob Jewell Discloser 0.0.4 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the fileloc parameter to (1) content/content.php or (2) /inc/indexhead.php.
network
low complexity
bob-jewell
7.5