Vulnerabilities > Devilz Clanportal
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-12-07 | CVE-2006-6339 | SQL Injection vulnerability in Devilz Clanportal Devilz Clanportal 1.3.6 SQL injection vulnerability in sites/index.php in deV!L`z Clanportal (DZCP) before 1.3.6.1 allows remote attackers to execute arbitrary SQL commands via the show element in a GET request. network devilz-clanportal | 6.8 |
2006-12-07 | CVE-2006-6338 | Unspecified vulnerability in Devilz Clanportal Devilz Clanportal 1.3.6 Unrestricted file upload vulnerability in upload/index.php in deV!L`z Clanportal (DZCP) before 1.3.6.1 allows remote attackers to upload and execute arbitrary .php files by embedding PHP code in a JPEG or GIF file that is uploaded to inc/images/uploads/userpics/. | 5.0 |
2006-07-03 | CVE-2006-3347 | SQL Injection vulnerability in Devilz Clanportal Devilz Clanportal 1.3.4 SQL injection vulnerability in index.php in deV!Lz Clanportal DZCP 1.3.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |