Vulnerabilities > KTP Computer Customer Database

DATE CVE VULNERABILITY TITLE RISK
2009-01-23 CVE-2008-5954 SQL Injection vulnerability in KTP Computer Customer Database KTP Computer Customer Database NIL
SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the lname parameter in a login action to an unspecified component. 		6.8
6.8
2009-01-23 CVE-2008-5953 Path Traversal vulnerability in KTP Computer Customer Database KTP Computer Customer Database NIL
Directory traversal vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a ..
network
low complexity
ktp-computer-customer-database CWE-22
7.5
7.5
2009-01-23 CVE-2008-5952 SQL Injection vulnerability in KTP Computer Customer Database KTP Computer Customer Database NIL
SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the tid parameter in a vtech action to the default URI. 		6.0
6.0