Vulnerabilities > Dsportal > Dsnewsletter > 1.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-03-15 | CVE-2006-1237 | SQL Injection vulnerability in Dsportal Dsnewsletter 1.0 Multiple SQL injection vulnerabilities in DSNewsletter 1.0, with magic_quotes_gpc disabled, allow remote attackers to execute arbitrary SQL commands via the email parameter to (1) include/sub.php, (2) include/confirm.php, or (3) include/unconfirm.php. | 7.5 |