Vulnerabilities > Enigma Haber
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-06-06 | CVE-2006-2873 | Cross-Site Scripting vulnerability in Enigma Haber Enigma Haber 4.2 Cross-site scripting (XSS) vulnerability in hava.asp in Enigma Haber 4.2 allows remote attackers to inject arbitrary web script or HTML via the il parameter. network enigma-haber | 4.3 |
2006-06-01 | CVE-2006-2731 | SQL Injection vulnerability in Enigma Haber Enigma Haber 4.2 Multiple SQL injection vulnerabilities in Enigma Haber 4.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in (a) e_mesaj_yas.asp, (b) edi_haber.asp, and (c) haber_devam.asp; (2) hid parameter in (d) yazdir.asp and (e) yorum.asp, and the (3) e parameter in (f) arsiv.asp. | 7.5 |