Vulnerabilities > Skalinks
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-08-19 | CVE-2008-7010 | Permissions, Privileges, and Access Controls vulnerability in Skalinks Exchange Script 1.5 Skalfa Software SkaLinks Exchange Script 1.5 allows remote attackers to add new administrators and gain privileges via a direct request to admin/register.php. | 10.0 |
2009-02-10 | CVE-2009-0451 | SQL Injection vulnerability in Skalinks 1.5 SQL injection vulnerability in Skalfa SkaLinks 1.5 allows remote attackers to execute arbitrary SQL commands via the Admin name field to the default URI under admin/. | 7.5 |
2007-11-10 | CVE-2007-5917 | Cross-Site Request Forgery (CSRF) vulnerability in Skalinks 1.5 Cross-site request forgery (CSRF) vulnerability in admin/admin_account.php in Skalinks 1.5 and earlier allows remote attackers to add arbitrary privileged accounts as administrators via the admin_name, admin_password, admin_type, and Add_admin parameters. | 6.8 |