Vulnerabilities > Infireal > Mxcamarchive
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-08-12 | CVE-2008-6956 | Code Injection vulnerability in Infireal Mxcamarchive 2.2 Static code injection vulnerability in admin/admin.php in mxCamArchive 2.2 allows remote authenticated administrators to inject arbitrary PHP code into an unspecified program via the description parameter, which is executed by invocation of index.php. | 6.5 |
| 2009-08-12 | CVE-2008-6955 | Information Exposure vulnerability in Infireal Mxcamarchive 2.2 mxCamArchive 2.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain configuration details and passwords via a direct request for archive/config.ini. | 7.5 |