Vulnerabilities > Mywebcards

DATE CVE VULNERABILITY TITLE RISK
2008-11-01 CVE-2008-4878 Improper Input Validation vulnerability in Mywebcards Webcards
Unrestricted file upload vulnerability in the "Add Image Macro" feature in WebCards 1.3 allows remote authenticated administrators to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the uploaded file.
network
mywebcards CWE-20
8.5
2008-11-01 CVE-2008-4877 SQL Injection vulnerability in Mywebcards Webcards
SQL injection vulnerability in admin.php in WebCards 1.3, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user parameter.
network
mywebcards CWE-89
6.8