Vulnerabilities > Masuga Design

DATE CVE VULNERABILITY TITLE RISK
2007-07-11 CVE-2007-3686 Input Validation vulnerability in Unobtrusive AJAX Star Rating Bar
CRLF injection vulnerability in db.php in Unobtrusive Ajax Star Rating Bar before 1.2.0 allows remote attackers to inject arbitrary HTTP headers and data via CRLF sequences in the HTTP_REFERER parameter.
network
low complexity
masuga-design
7.5
2007-07-11 CVE-2007-3685 Cross-Site Scripting vulnerability in Unobtrusive AJAX Star Rating Bar
Cross-site scripting (XSS) vulnerability in rpc.php in Unobtrusive Ajax Star Rating Bar before 1.2.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter.
network
high complexity
masuga-design
2.6
2007-07-11 CVE-2007-3684 Input Validation vulnerability in Unobtrusive AJAX Star Rating Bar
Multiple SQL injection vulnerabilities in Unobtrusive Ajax Star Rating Bar before 1.2.0 allow remote attackers to execute arbitrary SQL commands via the (1) q and (2) t parameters in (a) db.php and (b) rpc.php.
network
low complexity
masuga-design
7.5