Vulnerabilities > Pixelpost > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-28 | CVE-2009-4899 | SQL Injection vulnerability in Pixelpost 1.7.15 pixelpost 1.7.1 has SQL injection | 7.5 |
| 2006-03-09 | CVE-2006-1104 | Input Validation vulnerability in Pixelpost Multiple SQL injection vulnerabilities in Pixelpost 1.5 beta 1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the showimage parameter in index.php; and the (2) USER_AGENT, (3) HTTP_REFERER, and (4) HTTP_HOST HTTP header fields as used in the book_vistor function in includes/functions.php. | 7.5 |