Vulnerabilities > EVO DEV
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-05-12 | CVE-2006-2339 | SQL Injection vulnerability in Evo-Dev Evotopsites and Evotopsites PRO SQL injection vulnerability in index.php in evoTopsites 2.x and evoTopsites Pro 2.x allows remote attackers to execute arbitrary SQL commands via the (1) cat_id and (2) id parameters. | 6.4 |
2006-03-09 | CVE-2006-1077 | HTML Injection vulnerability in Evo-Dev evoBlog Comment Post Multiple cross-site scripting (XSS) vulnerabilities in the commentary in Evo-Dev evoBlog allow remote attackers to inject arbitrary web script or HTML via (1) the name parameter and (2) other unspecified parameters. network evo-dev | 4.3 |