Vulnerabilities > Reamday Enterprises

DATE	CVE	VULNERABILITY TITLE	RISK
2007-03-02	CVE-2007-1142	Cross-Site Scripting vulnerability in Reamday Enterprises Magic News Plus 1.0.2 Cross-site scripting (XSS) vulnerability in Magic News Plus 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the link_parameters parameter in (1) news.php and (2) n_layouts.php. network reamday-enterprises CWE-79	4.3
2007-03-02	CVE-2007-1141	Code Injection vulnerability in Reamday Enterprises Magic News Plus 1.0.2 PHP remote file inclusion vulnerability in preview.php in Magic News Plus 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the php_script_path parameter. network low complexity reamday-enterprises CWE-94	7.5
2006-09-15	CVE-2006-4823	Remote File Include vulnerability in Reamday Enterprises Magic News Pro News_page.PHP PHP remote file inclusion vulnerability in scripts/news_page.php in Reamday Enterprises Magic News Pro 1.0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the script_path parameter. network low complexity reamday-enterprises	7.5
2006-02-16	CVE-2006-0724	Variable Overwrite vulnerability in Reamday Enterprises Magic News Lite 1.2.3 profile.php in Reamday Enterprises Magic News Lite 1.2.3, when register_globals is enabled, allows remote attackers to modify program behavior, potentially bypassing authentication controls, via modified (1) action, (2) passwd, (3) admin_password, (4) new_passwd, and (5) confirm_passwd variables, which are not initialized. network high complexity reamday-enterprises	2.6
2006-02-16	CVE-2006-0723	Code Injection vulnerability in Reamday Enterprises Magic News Lite 1.2.3 PHP remote file inclusion vulnerability in preview.php in Reamday Enterprises Magic News Lite 1.2.3, when register_globals is enabled, allows remote attackers to include arbitrary files via a URL in the php_script_path parameter. network high complexity reamday-enterprises CWE-94	2.6
2006-02-16	CVE-2006-0722	Variable Overwrite vulnerability in Reamday Enterprises Magic Downloads 1.1.3 settings.php in Reamday Enterprises Magic Downloads 1.1.3, when register_globals is enabled, allows remote attackers to modify program behavior, potentially bypassing authentication controls, via modified (1) action, (2) passwd, (3) admin_password, (4) new_passwd, and (5) confirm_passwd variables, which are not initialized. network high complexity reamday-enterprises	2.6
2006-02-13	CVE-2006-0673	SQL Injection vulnerability in Reamday Enterprises Magic Calendar Lite 1.02 Multiple SQL injection vulnerabilities in cms/index.php in Magic Calendar Lite 1.02, with magic_quotes_gpc disabled, allow remote attackers to execute arbitrary SQL commands via the (1) $total_login and (2) $total_password parameter. network low complexity reamday-enterprises	7.5
2006-01-10	CVE-2006-0157	Unspecified vulnerability in Reamday Enterprises Magic News Plus 1.0.3 settings.php in Reamday Enterprises Magic News Plus 1.0.3 allows remote attackers to change the administrator password via a change action that specifies identical values for the passwd and admin_password parameters, then declares the new password string in the new_passwd and confirm_passwd parameters. network low complexity reamday-enterprises	5.0

Vulnerabilities > Reamday Enterprises {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Reamday Enterprises"}]}

Vulnerabilities > Reamday Enterprises