Vulnerabilities > Runcms > Runcms > 1.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-01-10 | CVE-2008-0224 | SQL Injection vulnerability in Runcms 1.5.3/1.6/1.6.1 SQL injection vulnerability in index.php in the Newbb_plus 0.92 and earlier module in RunCMS 1.6.1 allows remote attackers to execute arbitrary SQL commands via the Client-Ip parameter. | 7.5 |
2007-12-28 | CVE-2007-6544 | SQL Injection vulnerability in Runcms 1.6 Multiple SQL injection vulnerabilities in RunCMS before 1.6.1 allow remote attackers to execute arbitrary SQL commands via the lid parameter to (1) brokenfile.php, (2) visit.php, or (3) ratefile.php in modules/mydownloads/; or (4) ratelink.php, (5) modlink.php, or (6) brokenlink.php in modules/mylinks/. | 7.5 |