Vulnerabilities > Olate > Olatedownload > 3.4.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-10-05 | CVE-2006-5145 | Input Validation vulnerability in Olate Olatedownload 3.4.0 Multiple SQL injection vulnerabilities in OlateDownload 3.4.0 allow remote attackers to execute arbitrary SQL commands via the (1) page parameter in details.php or the (2) query parameter in search.php. | 7.5 |
2006-10-05 | CVE-2006-5144 | Input Validation vulnerability in Olate Olatedownload 3.4.0 Cross-site scripting (XSS) vulnerability in userupload.php in OlateDownload 3.4.0 allows remote attackers to inject arbitrary web script or HTML via the description_small parameter. network olate | 6.8 |