Vulnerabilities > Valarsoft
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-07-12 | CVE-2012-3350 | SQL Injection vulnerability in Valarsoft Webmatic 3.1.1 SQL injection vulnerability in index.php in Webmatic 3.1.1 allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header. | 6.8 |
2011-07-08 | CVE-2010-4808 | SQL Injection vulnerability in Valarsoft Webmatic SQL injection vulnerability in index.php in Webmatic allows remote attackers to execute arbitrary SQL commands via the p parameter. | 7.5 |
2009-12-22 | CVE-2009-4380 | SQL Injection vulnerability in Valarsoft Webmatic Multiple SQL injection vulnerabilities in Valarsoft Webmatic before 3.0.3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, a different issue than CVE-2008-2925. | 7.5 |
2009-12-22 | CVE-2009-4379 | Cross-Site Scripting vulnerability in Valarsoft Webmatic Multiple cross-site scripting (XSS) vulnerabilities in Valarsoft Webmatic before 3.0.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2008-2924. | 4.3 |
2008-06-30 | CVE-2008-2925 | SQL Injection vulnerability in Valarsoft Webmatic SQL injection vulnerability in Webmatic before 2.8 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2008-06-30 | CVE-2008-2924 | Cross-Site Scripting vulnerability in Valarsoft Webmatic Cross-site scripting (XSS) vulnerability in Webmatic before 2.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2007-07-12 | CVE-2007-3727 | Unspecified vulnerability in Valarsoft Webmatic 2.6/2.6.1/2.6.2 Multiple unspecified vulnerabilities in Webmatic before 2.7 have unknown impact and attack vectors, related to the "administration area." | 7.5 |
2007-07-10 | CVE-2007-3648 | SQL Injection vulnerability in Valarsoft Webmatic 2.6.1 SQL injection vulnerability in Webmatic before 2.6.2, and possibly other versions before 2.7, allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly related to admin/admin_album.php and admin/admin_downloads.php. | 7.5 |
2007-02-08 | CVE-2007-0839 | Remote File Include vulnerability in Valarsoft Webmatic 2.6 Multiple PHP remote file inclusion vulnerabilities in index/index_album.php in Valarsoft WebMatic 2.6 allow remote attackers to execute arbitrary PHP code via a URL in the (1) P_LIB and (2) P_INDEX parameters. | 7.5 |