Vulnerabilities > Craftysyntax

DATE	CVE	VULNERABILITY TITLE	RISK
2011-09-23	CVE-2011-3723	Information Exposure vulnerability in Craftysyntax Crafty Syntax 3.0.2 Crafty Syntax 3.0.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by README_FILES/livehelp.php and certain other files. network low complexity craftysyntax CWE-200	5.0
2008-08-27	CVE-2008-3845	SQL Injection vulnerability in Craftysyntax Crafty Syntax Live Help Multiple SQL injection vulnerabilities in Crafty Syntax Live Help (CSLH) 2.14.6 and earlier allow remote attackers to execute arbitrary SQL commands via the department parameter to (1) is_xmlhttp.php and (2) is_flush.php. network low complexity craftysyntax CWE-89	7.5
2008-08-27	CVE-2008-3840	Credentials Management vulnerability in Craftysyntax Crafty Syntax Live Help Crafty Syntax Live Help (CSLH) 2.14.6 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information. network low complexity craftysyntax CWE-255	5.0

Vulnerabilities > Craftysyntax {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Craftysyntax"}]}