Vulnerabilities > GWM > Galatolo Webmanager > 1.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-02-10 | CVE-2008-6108 | Cross-Site Scripting vulnerability in GWM Galatolo Webmanager 1.0 Cross-site scripting (XSS) vulnerability in result.php in Galatolo WebManager (GWM) 1.0 allows remote attackers to inject arbitrary web script or HTML via the key parameter. | 4.3 |
2008-06-13 | CVE-2008-2700 | SQL Injection vulnerability in GWM Galatolo Webmanager 1.0 SQL injection vulnerability in view.php in Galatolo WebManager 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2008-06-13 | CVE-2008-2699 | Path Traversal vulnerability in GWM Galatolo Webmanager 1.0 Multiple directory traversal vulnerabilities in Galatolo WebManager (GWM) 1.0 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in (1) the plugin parameter to admin/plugins.php or (2) the com parameter to index.php. | 7.5 |