Vulnerabilities > Clanlite
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-11-24 | CVE-2008-5215 | SQL Injection vulnerability in Clanlite 2.2006.05.20 SQL injection vulnerability in service/profil.php in ClanLite 2.2006.05.20 allows remote attackers to execute arbitrary SQL commands via the link parameter. | 7.5 |
2008-11-24 | CVE-2008-5214 | Cross-Site Scripting vulnerability in Clanlite 2.2006.05.20 Cross-site scripting (XSS) vulnerability in service/calendrier.php in ClanLite 2.2006.05.20 allows remote attackers to inject arbitrary web script or HTML via the annee parameter. | 4.3 |
2007-10-01 | CVE-2007-5168 | Improper Input Validation vulnerability in Clanlite 1.23.01.2005 Multiple PHP remote file inclusion vulnerabilities in ClanLite 1.23.01.2005 allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) modules/serveur_jeux.php or (2) conf/conf-php.php. | 6.8 |