Vulnerabilities > Masuga Design
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-07-11 | CVE-2007-3686 | Input Validation vulnerability in Unobtrusive AJAX Star Rating Bar CRLF injection vulnerability in db.php in Unobtrusive Ajax Star Rating Bar before 1.2.0 allows remote attackers to inject arbitrary HTTP headers and data via CRLF sequences in the HTTP_REFERER parameter. | 7.5 |
2007-07-11 | CVE-2007-3685 | Cross-Site Scripting vulnerability in Unobtrusive AJAX Star Rating Bar Cross-site scripting (XSS) vulnerability in rpc.php in Unobtrusive Ajax Star Rating Bar before 1.2.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | 2.6 |
2007-07-11 | CVE-2007-3684 | Input Validation vulnerability in Unobtrusive AJAX Star Rating Bar Multiple SQL injection vulnerabilities in Unobtrusive Ajax Star Rating Bar before 1.2.0 allow remote attackers to execute arbitrary SQL commands via the (1) q and (2) t parameters in (a) db.php and (b) rpc.php. | 7.5 |