Vulnerabilities > Mywebcards
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-11-01 | CVE-2008-4878 | Improper Input Validation vulnerability in Mywebcards Webcards Unrestricted file upload vulnerability in the "Add Image Macro" feature in WebCards 1.3 allows remote authenticated administrators to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the uploaded file. | 8.5 |
2008-11-01 | CVE-2008-4877 | SQL Injection vulnerability in Mywebcards Webcards SQL injection vulnerability in admin.php in WebCards 1.3, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user parameter. | 6.8 |