Vulnerabilities > Mhproducts > ERO Auktion > 2010

DATE CVE VULNERABILITY TITLE RISK
2010-12-29 CVE-2010-4614 SQL Injection vulnerability in Mhproducts ERO Auktion 2010
SQL injection vulnerability in item.php in Ero Auktion 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2010-0723.
network
low complexity
mhproducts CWE-89
7.5
7.5
2010-02-26 CVE-2010-0723 SQL Injection vulnerability in Mhproducts ERO Auktion 2.0/2010
SQL injection vulnerability in news.php in Ero Auktion 2.0 and 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter.
network
low complexity
mhproducts CWE-89
7.5
7.5