Vulnerabilities > Gregarius

DATE CVE VULNERABILITY TITLE RISK
2008-07-30 CVE-2008-3374 SQL Injection vulnerability in Gregarius
SQL injection vulnerability in ajax.php in Gregarius 0.5.4 and earlier allows remote attackers to execute arbitrary SQL commands via the rsargs array parameter in an __exp__getFeedContent action.
network
low complexity
gregarius CWE-89
7.5
2006-03-07 CVE-2006-1042 Input Validation vulnerability in Gregarius 0.5.2
Multiple SQL injection vulnerabilities in Gregarius 0.5.2 allow remote attackers to execute arbitrary SQL commands via the (1) folder parameter to feed.php or (2) rss_query parameter to search.php.
network
low complexity
gregarius
6.4
2006-03-07 CVE-2006-1041 Input Validation vulnerability in Gregarius 0.5.2
Multiple cross-site scripting (XSS) vulnerabilities in Gregarius 0.5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) rss_query parameter to search.php or (2) tag parameter to tags.php.
network
gregarius
4.3