Vulnerabilities > Dzcp
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-09-19 | CVE-2012-5000 | SQL Injection vulnerability in Blueteck Witze Addon 0.9 SQL injection vulnerability in jokes/index.php in the Witze addon 0.9 for deV!L'z Clanportal allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action. | 7.5 |
2010-03-16 | CVE-2010-0966 | Code Injection vulnerability in Dzcp Dev!L'Z Clanportal 1.5.2 PHP remote file inclusion vulnerability in inc/config.php in deV!L`z Clanportal (DZCP) 1.5.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the basePath parameter. | 6.8 |
2007-03-02 | CVE-2007-1167 | Information Exposure vulnerability in Dzcp Dev!L'Z Clanportal inc/filebrowser/browser.php in deV!L`z Clanportal (DZCP) 1.4.5 and earlier allows remote attackers to obtain MySQL data via the inc/mysql.php value of the file parameter. | 5.0 |