Vulnerabilities > Skintech
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-03-31 | CVE-2006-1560 | SQL Injection vulnerability in Skintech PHPnewsmanager 1.48 Multiple SQL injection vulnerabilities in SkinTech phpNewsManager 1.48 allow remote attackers to execute arbitrary SQL commands via unspecified parameters, possibly (1) id and (2) topicid, in (a) browse.php, (b) category.php, (c) gallery.php, (d) poll.php, and (e) possibly other unspecified scripts. | 7.5 |
2006-03-31 | CVE-2006-1557 | SQL Injection vulnerability in Skintech X-Changer 0.20 Multiple SQL injection vulnerabilities in X-Changer 0.2 allow remote attackers to execute arbitrary SQL commands via the (1) from and (2) into parameters in a calculate action, and the (3) id parameter in an edit action to index.php. | 7.5 |
2004-11-23 | CVE-2004-0327 | Unspecified vulnerability in Skintech PHPnewsmanager 1.36 Directory traversal vulnerability in functions.php in PhpNewsManager 1.46 allows remote attackers to retrieve arbitrary files via .. | 5.0 |