Vulnerabilities > EVO DEV

DATE CVE VULNERABILITY TITLE RISK
2006-05-12 CVE-2006-2339 SQL Injection vulnerability in Evo-Dev Evotopsites and Evotopsites PRO
SQL injection vulnerability in index.php in evoTopsites 2.x and evoTopsites Pro 2.x allows remote attackers to execute arbitrary SQL commands via the (1) cat_id and (2) id parameters.
network
low complexity
evo-dev
6.4
2006-03-09 CVE-2006-1077 HTML Injection vulnerability in Evo-Dev evoBlog Comment Post
Multiple cross-site scripting (XSS) vulnerabilities in the commentary in Evo-Dev evoBlog allow remote attackers to inject arbitrary web script or HTML via (1) the name parameter and (2) other unspecified parameters.
network
evo-dev
4.3