Vulnerabilities > Getmiro
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-02-25 | CVE-2008-6287 | Code Injection vulnerability in Getmiro Broadcast Machine 0.1 Multiple PHP remote file inclusion vulnerabilities in Broadcast Machine 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter to (1) MySQLController.php, (2) SQLController.php, (3) SetupController.php, (4) VideoController.php, and (5) ViewController.php in controllers/. | 7.5 |
2007-11-14 | CVE-2007-3694 | Cross-Site Scripting vulnerability in Getmiro Broadcast Machine 0.9.9.9 Cross-site scripting (XSS) vulnerability in login.php in Miro Project Broadcast Machine 0.9.9.9 allows remote attackers to inject arbitrary web script or HTML via the username parameter. | 4.3 |