Vulnerabilities > Phpsugar
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-01-09 | CVE-2018-5211 | SQL Injection vulnerability in PHPsugar PHP Melody 2.7.1 PHP Melody version 2.7.1 suffer from SQL Injection Time-based attack on the page ajax.php with the parameter playlist. | 7.5 |
2017-10-24 | CVE-2017-15081 | SQL Injection vulnerability in PHPsugar PHP Melody 2.6.1 In PHPSUGAR PHP Melody CMS 2.6.1, SQL Injection exists via the playlist parameter to playlists.php. | 7.5 |
2017-10-19 | CVE-2017-15648 | Cross-site Scripting vulnerability in PHPsugar PHP Melody In PHPSUGAR PHP Melody before 2.7.3, page_manager.php has XSS via the page_title parameter. | 4.3 |
2017-10-18 | CVE-2017-15579 | SQL Injection vulnerability in PHPsugar PHP Melody In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via an aa_pages_per_page cookie in a playlist action to watch.php. | 7.5 |
2017-10-18 | CVE-2017-15578 | SQL Injection vulnerability in PHPsugar PHP Melody In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via the image parameter to admin/edit_category.php. | 6.0 |
2009-08-20 | CVE-2009-2895 | SQL Injection vulnerability in PHPsugar Ultimate Regnow Affiliate 3.0 SQL injection vulnerability in rss.php in Ultimate Regnow Affiliate (URA) 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | 7.5 |