Vulnerabilities > Chaossoft > Gaestechaos
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-08-09 | CVE-2006-4039 | SQL Injection vulnerability in Chaossoft Gaestechaos Multiple SQL injection vulnerabilities in eintragen.php in GaesteChaos 0.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) gastname, (2) gastwohnort, or (3) gasteintrag parameters. | 7.5 |
2006-08-09 | CVE-2006-4038 | Cross-Site Scripting vulnerability in Chaossoft Gaestechaos Multiple cross-site scripting (XSS) vulnerabilities in eintragen.php in GaesteChaos 0.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) gastname or (2) gastwohnort parameters. | 4.3 |