Vulnerabilities > Envolution

DATE	CVE	VULNERABILITY TITLE	RISK
2007-08-08	CVE-2007-4253	SQL Injection vulnerability in Envolution News Module Topic Parameter SQL injection vulnerability in the News module in modules.php in Envolution 1.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter, a different vector than CVE-2005-4263. network low complexity envolution	7.5
2006-12-10	CVE-2006-6445	Local Code Include vulnerability in Envolution 1.1.0 Directory traversal vulnerability in error.php in Envolution 1.1.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. network low complexity envolution	7.5
2005-12-15	CVE-2005-4263	SQL Injection vulnerability in Envolution SQL injection vulnerability in the News module in Envolution allows remote attackers to execute arbitrary SQL commands via the (1) startrow and (2) catid parameter. network low complexity envolution CWE-89	7.5
2005-12-15	CVE-2005-4262	Input Validation vulnerability in Envolution Cross-site scripting (XSS) vulnerability in the News module in Envolution allows remote attackers to inject arbitrary web script or HTML via the (1) startrow and (2) catid parameter. network envolution	4.3

Vulnerabilities > Envolution {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Envolution"}]}