Vulnerabilities > Neocrome > Land Down Under > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-12-15 | CVE-2006-6577 | SQL Injection vulnerability in Seditio/Land Down Under Polls.PHP SQL injection vulnerability in polls.php in Neocrome Land Down Under (LDU) 8.x and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. network neocrome | 6.8 |
| 2006-04-29 | CVE-2006-2096 | Information Disclosure vulnerability in Land Down Under plug.php in Land Down Under (LDU) 802 and earlier allows remote attackers to obtain sensitive information via an invalid (1) month or (2) year parameter, which reveals the path in an error message. | 5.0 |
| 2005-12-31 | CVE-2005-4711 | SQL-Injection vulnerability in Neocrome Land Down Under SQL injection vulnerability in Neocrome Land Down Under (LDU) 801 allows remote attackers to execute arbitrary SQL commands via an HTTP Referer header. | 6.8 |
| 2005-09-14 | CVE-2005-2884 | HTML Injection vulnerability in Land Down Under Cross-site scripting (XSS) vulnerability in events.php in Land Down Under (LDU) 801 and earlier allows remote attackers to inject arbitrary web script or HTML via the Description field in an event. network neocrome | 4.3 |
| 2005-09-02 | CVE-2005-2780 | HTML Injection vulnerability in Neocrome Land Down Under 800 Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) allows remote attackers to inject arbitrary web script or HTML via a signature. network neocrome | 4.3 |
| 2004-05-29 | CVE-2004-2038 | HTML Injection vulnerability in Land Down Under BBCode Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) before LDU 700 allows remote attackers to inject arbitrary web script or HTML via a BBcode img tag in (1) functions.php, (2) header.php or (3) auth.inc.php. network neocrome | 4.3 |