Vulnerabilities > Qualityunit

DATE CVE VULNERABILITY TITLE RISK
2023-09-03 CVE-2023-38482 Cross-site Scripting vulnerability in Qualityunit Post Affiliate PRO
Auth.
network
low complexity
qualityunit CWE-79
4.8
2010-03-05 CVE-2009-4666 Code Injection vulnerability in Qualityunit Download Protect 1.0
Multiple PHP remote file inclusion vulnerabilities in Webradev Download Protect 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[RootPath] parameter to (1) Framework/EmailTemplates.class.php, (2) Customers/PDPEmailReplaceConstants.class.php, and (3) Admin/ResellersManager.class.php in includes/DProtect/.
network
low complexity
qualityunit CWE-94
7.5
2008-12-17 CVE-2008-5630 SQL Injection vulnerability in Qualityunit Post Affiliate PRO 3.0/3.1.4
SQL injection vulnerability in merchants/index.php in Post Affiliate Pro 3 and 3.1.4 allows remote attackers to execute arbitrary SQL commands via the umprof_status parameter.
6.8
2008-10-18 CVE-2008-4602 Path Traversal vulnerability in Qualityunit Post Affiliate PRO 2.0
Directory traversal vulnerability in index.php in Post Affiliate Pro 2.0 allows remote authenticated users to read and possibly execute arbitrary local files via a ..
network
low complexity
qualityunit CWE-22
6.5