Vulnerabilities > Mlffat
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-07-24 | CVE-2009-2585 | SQL Injection vulnerability in Mlffat 2.2 SQL injection vulnerability in index.php in Mlffat 2.2 allows remote attackers to execute arbitrary SQL commands via a member cookie in an account editprofile action, a different vector than CVE-2009-1731. | 7.5 |
2009-05-20 | CVE-2009-1731 | SQL Injection vulnerability in Mlffat 2.1 SQL injection vulnerability in panel/index.php in MLFFAT 2.1 allows remote attackers to execute arbitrary SQL commands via a base64-encoded supervisor cookie. | 7.5 |