Vulnerabilities > Eqdkp > Eqdkp > 1.2.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-05-16 | CVE-2007-2716 | Cross-Site Scripting vulnerability in EQDKP Show Variable Multiple cross-site scripting (XSS) vulnerabilities in EQdkp 1.3.2c and earlier allow remote attackers to inject arbitrary web script or HTML via the show parameter to (1) listmembers.php and (2) stats.php. network eqdkp | 6.8 |
2006-05-09 | CVE-2006-2256 | Remote File Include vulnerability in EQDKP DBal.PHP PHP remote file inclusion vulnerability in includes/dbal.php in EQdkp 1.3.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the eqdkp_root_path parameter. | 6.4 |
2005-08-17 | CVE-2005-2615 | Unspecified vulnerability in Eqdkp 1.0.0/1.1.0/1.2.0 Unknown vulnerability in session.php in EQdkp before 1.3.0 has unknown impact and attack vectors, possibly involving auto_login_id. | 7.5 |