Vulnerabilities > Cityforfree

DATE	CVE	VULNERABILITY TITLE	RISK
2006-08-24	CVE-2006-4324	Cross-Site Scripting vulnerability in Cityforfree Indexcity 1.0 Cross-site scripting (XSS) vulnerability in add_url2.php in CityForFree indexcity 1.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter. network cityforfree	6.8
2006-08-24	CVE-2006-4323	SQL Injection vulnerability in Cityforfree Indexcity 1.0 SQL injection vulnerability in list.php in CityForFree indexcity 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cate_id parameter. network low complexity cityforfree	7.5

Vulnerabilities > Cityforfree {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Cityforfree"}]}