Vulnerabilities > Desklance

DATE CVE VULNERABILITY TITLE RISK
2005-11-26 CVE-2005-3836 SQL-Injection vulnerability in Desklance
SQL injection vulnerability in DeskLance 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the announce parameter.
network
low complexity
desklance
7.5
2005-11-26 CVE-2005-3835 Code Injection vulnerability in Desklance
PHP remote file inclusion vulnerability in support/index.php in DeskLance 2.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the main parameter.
network
low complexity
desklance CWE-94
7.5