Vulnerabilities > Mlffat
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-07-24 | CVE-2009-2585 | SQL Injection vulnerability in Mlffat 2.2 SQL injection vulnerability in index.php in Mlffat 2.2 allows remote attackers to execute arbitrary SQL commands via a member cookie in an account editprofile action, a different vector than CVE-2009-1731. | 7.5 |
| 2009-05-20 | CVE-2009-1731 | SQL Injection vulnerability in Mlffat 2.1 SQL injection vulnerability in panel/index.php in MLFFAT 2.1 allows remote attackers to execute arbitrary SQL commands via a base64-encoded supervisor cookie. | 7.5 |