Vulnerabilities > Mediatheka
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-01-12 | CVE-2008-5895 | SQL Injection vulnerability in Mediatheka 4.2 SQL injection vulnerability in connection.php in Mediatheka 4.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter. | 7.5 |
2009-01-12 | CVE-2008-5894 | Path Traversal vulnerability in Mediatheka 4.2 Directory traversal vulnerability in index.php in Mediatheka 4.2 allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |