Vulnerabilities > Gforge > Gforge > 3.1

DATE CVE VULNERABILITY TITLE RISK
2009-02-19 CVE-2008-6188 SQL Injection vulnerability in Gforge
SQL injection vulnerability in people/editprofile.php in Gforge 4.6 rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the skill_edit[] parameter.
network
low complexity
gforge CWE-89
7.5
2009-02-19 CVE-2008-6187 SQL Injection vulnerability in Gforge
SQL injection vulnerability in frs/shownotes.php in Gforge 4.5.19 and earlier allows remote attackers to execute arbitrary SQL commands via the release_id parameter.
network
low complexity
gforge CWE-89
7.5
2007-11-08 CVE-2007-3921 Link Following vulnerability in Gforge 3.1/4.5.14
gforge 3.1 and 4.5.14 allows local users to truncate arbitrary files via a symlink attack on temporary files.
local
gforge CWE-59
3.3
2005-12-31 CVE-2005-1752 Remote Arbitrary Command Execution vulnerability in GForge
viewFile.php in the scm component of Gforge before 4.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the file_name parameter.
network
low complexity
gforge
6.4
2005-05-02 CVE-2005-0299 Information Disclosure vulnerability in GForge
Directory traversal vulnerability in GForge 3.3 and earlier allows remote attackers to list arbitrary directories via a ..
network
low complexity
gforge
5.0