Vulnerabilities > Sendcard

DATE CVE VULNERABILITY TITLE RISK
2007-06-06 CVE-2007-3082 Local File Include vulnerability in SendCard
Directory traversal vulnerability in sendcard.php in Sendcard 3.4.1 and earlier allows remote attackers to include and execute arbitrary local files via a ..
network
low complexity
sendcard
7.8
2007-06-06 CVE-2007-3059 Information Disclosure vulnerability in Sendcard 3.3.0
SendCard 3.3.0 allows remote attackers to obtain sensitive information via an invalid sc_language parameter to sendcard.php, which reveals the path in an error message.
network
low complexity
sendcard
5.0
2007-05-02 CVE-2007-2472 Cross-Site Scripting vulnerability in Sendcard
Cross-site scripting (XSS) vulnerability in sendcard.php in Sendcard 3.4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the form parameter.
network
sendcard
4.3
2007-05-02 CVE-2007-2471 Directory Traversal vulnerability in Sendcard
Directory traversal vulnerability in sendcard.php in Sendcard 3.4.1 and earlier allows remote attackers to read arbitrary files via a full pathname in the form parameter.
network
low complexity
sendcard
5.0
2006-03-06 CVE-2006-1006 SQL Injection vulnerability in Sendcard
Multiple SQL injection vulnerabilities in sendcard.php in sendcard before 3.3.0 allow remote attackers to execute arbitrary SQL commands via unspecified parameters.
network
low complexity
sendcard CWE-89
7.5
2005-07-27 CVE-2005-2404 SQL Injection vulnerability in Sendcard 3.2.3
SQL injection vulnerability in sendcard.php in Sendcard 3.2.3 allows remote attackers to execute arbitrary SQL commands via the id parameter.
network
low complexity
sendcard
7.5