Vulnerabilities > Enthusiast
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-01-25 | CVE-2007-0484 | SQL-Injection vulnerability in Enthusiast 3.1 Multiple SQL injection vulnerabilities in Enthusiast 3.1 allow remote attackers to execute arbitrary SQL commands via the cat parameter to (1) show_owned.php, (2) show_joined.php, and possibly other files. | 7.5 |
2007-01-25 | CVE-2007-0483 | Input Validation vulnerability in Enthusiast 3.1 Multiple cross-site scripting (XSS) vulnerabilities in Enthusiast 3.1 allow remote attackers to inject arbitrary web script or HTML via the URI for (1) show_owned.php or (2) show_joined.php. network enthusiast | 6.8 |