Vulnerabilities > Jaws > Jaws > 0.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-02 | CVE-2005-1231 | HTML Injection vulnerability in Jaws 0.3/0.4/0.5Beta2 Cross-site scripting (XSS) vulnerability in the NewTerm function in GlossaryModel.php in JAWS 0.4 allows remote attackers to inject arbitrary web script or HTML via the (1) term or (2) description. network jaws | 4.3 |
2004-07-29 | CVE-2004-2067 | SQL Injection vulnerability in Jaws 0.2/0.3/0.4 SQL injection vulnerability in controlpanel.php in Jaws Framework and Content Management System 0.4 allows remote attackers to execute arbitrary SQL and bypass authentication via the (1) user, (2) password, or (3) crypted_password parameters. | 7.5 |