Vulnerabilities > Pnflashgames
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-04-30 | CVE-2008-2013 | SQL Injection vulnerability in Pnflashgames 1.5/2.5 SQL injection vulnerability in index.php in the pnFlashGames 1.5 through 2.5 module for PostNuke, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a display action. | 6.8 |
2007-05-02 | CVE-2007-2427 | SQL Injection vulnerability in Pnflashgames 1.5 SQL injection vulnerability in index.php in the pnFlashGames 1.5 module for PostNuke allows remote attackers to execute arbitrary SQL commands via the cid parameter. | 7.5 |