Vulnerabilities > BOB Jewell
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-03-18 | CVE-2009-4719 | SQL Injection vulnerability in BOB Jewell Discloser 0.0.4 SQL injection vulnerability in index.php in Discloser 0.0.4 rc2 allows remote attackers to execute arbitrary SQL commands via the more parameter. | 7.5 |
2006-08-17 | CVE-2006-4207 | Remote File Include vulnerability in Discloser Multiple PHP remote file inclusion vulnerabilities in Bob Jewell Discloser 0.0.4 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the fileloc parameter to (1) content/content.php or (2) /inc/indexhead.php. | 7.5 |