Vulnerabilities > Mediatheka
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-01-12 | CVE-2008-5895 | SQL Injection vulnerability in Mediatheka 4.2 SQL injection vulnerability in connection.php in Mediatheka 4.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter. | 7.5 |
| 2009-01-12 | CVE-2008-5894 | Path Traversal vulnerability in Mediatheka 4.2 Directory traversal vulnerability in index.php in Mediatheka 4.2 allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |