Vulnerabilities > Pineapple Technologies
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-04-12 | CVE-2007-2021 | Remote Security vulnerability in Pineapple Technologies Lore 1.0 Multiple PHP remote file inclusion vulnerabilities in Pineapple Technologies Lore 1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) lang_path parameter to third_party/phpmailer/class.phpmailer.php or the (2) get_plugin_file_path parameter to third_party/smarty/libs/plugins/function.html_checkboxes.php. | 7.5 |
2007-04-10 | CVE-2007-1905 | Cross-Site Scripting vulnerability in Pineapple Technologies Quizshock Cross-site scripting (XSS) vulnerability in auth.php in Pineapple Technologies QuizShock 1.6.1 and earlier allows remote attackers to inject arbitrary web script or HTML via encoded special characters in the forward_to parameter, as demonstrated using "<"<". | 4.3 |
2006-06-06 | CVE-2006-2836 | SQL Injection vulnerability in Lore Comment.PHP SQL injection vulnerability in comment.php in Pineapple Technologies Lore 1.5.6 and earlier allows remote attackers to execute arbitrary SQL commands via the article_id parameter. | 7.5 |
2005-12-04 | CVE-2005-3988 | SQL Injection vulnerability in Pineapple Technologies Lore 1.5.4 SQL injection vulnerability in article.php in Pineapple Technologies Lore 1.5.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |