Vulnerabilities > Sappy DK
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-06-22 | CVE-2009-2154 | SQL Injection vulnerability in Sappy.Dk Impleo Music Collection 2.0 SQL injection vulnerability in admin/login.php in Impleo Music Collection 2.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | 6.8 |
2009-06-22 | CVE-2009-2153 | Cross-Site Scripting vulnerability in Sappy.Dk Impleo Music Collection 2.0 Cross-site scripting (XSS) vulnerability in index.php in Impleo Music Collection 2.0 allows remote attackers to inject arbitrary web script or HTML via the sort parameter. | 4.3 |