Vulnerabilities > Opendb > Opendb > 1.0.6

DATE CVE VULNERABILITY TITLE RISK
2008-09-05 CVE-2008-3938 Cross-Site Request Forgery (CSRF) vulnerability in Opendb 1.0.6
Cross-site request forgery (CSRF) vulnerability in user_admin.php in Open Media Collectors Database (OpenDb) 1.0.6 allows remote attackers to change arbitrary passwords via an update_password action.
network
opendb CWE-352
5.8
5.8
2008-09-05 CVE-2008-3937 Cross-Site Scripting vulnerability in Opendb 1.0.6
Multiple cross-site scripting (XSS) vulnerabilities in Open Media Collectors Database (OpenDb) 1.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) user_id parameter in an edit action to user_admin.php, the (2) title parameter to listings.php, and the (3) redirect_url parameter to user_profile.php.
network
opendb CWE-79
4.3
4.3