Vulnerabilities > Mywebland > Myevent
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-10-22 | CVE-2008-4650 | SQL Injection vulnerability in Mywebland Myevent 1.6 SQL injection vulnerability in viewevent.php in myEvent 1.6 allows remote attackers to execute arbitrary SQL commands via the eventdate parameter. | 7.5 |
2006-08-11 | CVE-2006-4083 | Remote Security vulnerability in Myevent 1.2/1.3 PHP remote file inclusion vulnerability in viewevent.php in myWebland myEvent 1.x allows remote attackers to execute arbitrary PHP code via a URL in the myevent_path parameter, a different vector than CVE-2006-4040. | 7.5 |
2006-08-09 | CVE-2006-4040 | Remote File Include vulnerability in myEvent Myevent.PHP PHP remote file inclusion vulnerability in myevent.php in myWebland myEvent 1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the myevent_path parameter. | 7.5 |
2006-04-20 | CVE-2006-1908 | Cross-Site Scripting vulnerability in myEvent Cross-site scripting vulnerability in addevent.php in myEvent 1.x allows remote attackers to inject arbitrary web script or HTML via the event_desc parameter. | 2.6 |
2006-04-20 | CVE-2006-1907 | SQL-Injection vulnerability in myEvent Multiple SQL injection vulnerabilities in myEvent 1.x allow remote attackers to inject arbitrary SQL commands via the event_id parameter to (1) addevent.php or (2) del.php or (3) event_desc parameter to addevent.php. | 7.5 |
2006-04-20 | CVE-2006-1890 | Code Injection vulnerability in Mywebland Myevent 1.2/1.4 Multiple PHP remote file inclusion vulnerabilities in myWebland myEvent 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the myevent_path parameter in (1) event.php and (2) initialize.php. | 7.5 |