Vulnerabilities > Enterprise Heart
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-12-29 | CVE-2005-4563 | SQL Injection vulnerability in Enterprise Heart Enterprise Connector 1.0.2 SQL injection vulnerability in main.php in Enterprise Heart Enterprise Connector 1.0.2 allows remote attackers to execute arbitrary SQL commands and bypass login authentication via the loginid parameter, a different vulnerability than CVE-2005-3875. | 7.5 |
2005-11-29 | CVE-2005-3875 | SQL Injection vulnerability in Enterprise Connector Multiple SQL injection vulnerabilities in Enterprise Connector 1.0.2 and earlier allow remote attackers to execute arbitrary SQL commands via the messageid parameter in (1) send.php or (2) a delete action in messages.php. | 7.5 |