Vulnerabilities > Dream4 > Koobi PRO > 5.6

DATE CVE VULNERABILITY TITLE RISK
2006-07-18 CVE-2006-3622 SQL-Injection vulnerability in Dream4 Koobi PRO 5.6
The showtopic module in Koobi Pro CMS 5.6 allows remote attackers to obtain sensitive information via a ' (single quote) in the p parameter, which displays the path in an error message.
network
low complexity
dream4
5.0
5.0
2006-07-18 CVE-2006-3621 Input Validation vulnerability in Dream4 Koobi PRO 5.6
SQL injection vulnerability in the showtopic module in Koobi Pro CMS 5.6 allows remote attackers to execute arbitrary SQL commands via the toid parameter.
network
low complexity
dream4
7.5
7.5
2006-07-18 CVE-2006-3620 Input Validation vulnerability in Dream4 Koobi PRO 5.6
Cross-site scripting (XSS) vulnerability in the showtopic module in Koobi Pro CMS 5.6 allows remote attackers to inject arbitrary web script or HTML via the toid parameter.
network
high complexity
dream4
2.6
2.6