Vulnerabilities > Idevspot > Nixieaffiliate > 1.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-09-19 | CVE-2006-4895 | Authentication Bypass vulnerability in Idevspot Nixieaffiliate 1.9 IDevSpot NexieAffiliate 1.9 and earlier allows remote attackers to delete arbitrary affiliates via a modified id parameter to delete.php. | 7.5 |
| 2006-09-19 | CVE-2006-4894 | Cross-Site Scripting vulnerability in Idevspot Nixieaffiliate 1.9 Cross-site scripting (XSS) vulnerability in forms/lostpassword.php in iDevSpot NixieAffiliate 1.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter. network idevspot | 4.3 |