Vulnerabilities > Gregarius
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-07-30 | CVE-2008-3374 | SQL Injection vulnerability in Gregarius SQL injection vulnerability in ajax.php in Gregarius 0.5.4 and earlier allows remote attackers to execute arbitrary SQL commands via the rsargs array parameter in an __exp__getFeedContent action. | 7.5 |
2006-03-07 | CVE-2006-1042 | Input Validation vulnerability in Gregarius 0.5.2 Multiple SQL injection vulnerabilities in Gregarius 0.5.2 allow remote attackers to execute arbitrary SQL commands via the (1) folder parameter to feed.php or (2) rss_query parameter to search.php. | 6.4 |
2006-03-07 | CVE-2006-1041 | Input Validation vulnerability in Gregarius 0.5.2 Multiple cross-site scripting (XSS) vulnerabilities in Gregarius 0.5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) rss_query parameter to search.php or (2) tag parameter to tags.php. network gregarius | 4.3 |