Vulnerabilities > D2Ksoft
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-03-09 | CVE-2006-1123 | Input Validation vulnerability in D2KBlog SQL injection vulnerability in D2KBlog 1.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the memName parameter in a cookie. | 10.0 |
2006-03-09 | CVE-2006-1122 | Input Validation vulnerability in D2KBlog Cross-site scripting (XSS) vulnerability in Default.asp in D2KBlog 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter. network d2ksoft | 6.8 |