Vulnerabilities > Dimofinf > Infinity Script > 2.0.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-09-16 | CVE-2009-3212 | SQL Injection vulnerability in Dimofinf Infinity Script 2.0.5 SQL injection vulnerability in VivaPrograms Infinity Script 2.x.x, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username field. | 6.8 |
| 2009-09-16 | CVE-2009-3211 | Path Traversal vulnerability in Dimofinf Infinity Script 2.0.5 Directory traversal vulnerability in VivaPrograms Infinity Script 2.x.x, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. | 6.8 |