Vulnerabilities > Saphp

DATE CVE VULNERABILITY TITLE RISK
2006-06-22 CVE-2006-3161 SQL Injection vulnerability in Saphp Saphplesson 1.1
SQL injection vulnerability in misc.php in SaphpLesson 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the action parameter.
network
low complexity
saphp
7.5
2005-10-30 CVE-2005-3363 Input Validation vulnerability in Saphp Saphplesson 1.1/2.0
SQL injection vulnerability in Saphp Lesson, possibly saphp Lesson1.1 and saphpLesson2.0, allows remote attackers to execute arbitrary SQL commands via the forumid parameter in (1) showcat.php and (2) add.php.
network
low complexity
saphp
7.5