Vulnerabilities > Shawn Bradley > PHP Volunteer Management > 1.0.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-01-24 | CVE-2012-6505 | Cross-Site Scripting vulnerability in Shawn Bradley PHP Volunteer Management 1.0.2 Cross-site scripting (XSS) vulnerability in mods/hours/data/get_hours.php in PHP Volunteer Management 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | 4.3 |
2013-01-24 | CVE-2012-6504 | SQL Injection vulnerability in Shawn Bradley PHP Volunteer Management 1.0.2 SQL injection vulnerability in mods/hours/data/get_hours.php in PHP Volunteer Management 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |