Vulnerabilities > Post Affiliate PRO
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-11-30 | CVE-2005-3910 | Directory Traversal vulnerability in Post Affiliate PRO Post Affiliate PRO 2.0.4 merchants/index.php in Post Affiliate Pro 2.0.4 and earlier, with magic_quotes_gpc disabled, allows remote attackers to include arbitrary local files via the md parameter, possibly due to a directory traversal vulnerability. | 5.0 |
2005-11-30 | CVE-2005-3909 | SQL Injection vulnerability in Post Affiliate Pro SQL injection vulnerability in merchants/index.php in Post Affiliate Pro 2.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the sortorder parameter. | 7.5 |