Vulnerabilities > Phpsugar

DATE	CVE	VULNERABILITY TITLE	RISK
2018-01-09	CVE-2018-5211	SQL Injection vulnerability in PHPsugar PHP Melody 2.7.1 PHP Melody version 2.7.1 suffer from SQL Injection Time-based attack on the page ajax.php with the parameter playlist. network low complexity phpsugar CWE-89	7.5
2017-10-24	CVE-2017-15081	SQL Injection vulnerability in PHPsugar PHP Melody 2.6.1 In PHPSUGAR PHP Melody CMS 2.6.1, SQL Injection exists via the playlist parameter to playlists.php. network low complexity phpsugar CWE-89	7.5
2017-10-19	CVE-2017-15648	Cross-site Scripting vulnerability in PHPsugar PHP Melody In PHPSUGAR PHP Melody before 2.7.3, page_manager.php has XSS via the page_title parameter. network phpsugar CWE-79	4.3
2017-10-18	CVE-2017-15579	SQL Injection vulnerability in PHPsugar PHP Melody In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via an aa_pages_per_page cookie in a playlist action to watch.php. network low complexity phpsugar CWE-89	7.5
2017-10-18	CVE-2017-15578	SQL Injection vulnerability in PHPsugar PHP Melody In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via the image parameter to admin/edit_category.php. network phpsugar CWE-89	6.0
2009-08-20	CVE-2009-2895	SQL Injection vulnerability in PHPsugar Ultimate Regnow Affiliate 3.0 SQL injection vulnerability in rss.php in Ultimate Regnow Affiliate (URA) 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter. network low complexity phpsugar CWE-89	7.5

Vulnerabilities > Phpsugar {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Phpsugar"}]}