Vulnerabilities > Vastal > Phpvid > High

DATE CVE VULNERABILITY TITLE RISK
2015-03-20 CVE-2015-2563 SQL Injection vulnerability in Vastal PHPvid 0.9.9/1.2.3
SQL injection vulnerability in groups.php in Vastal I-Tech phpVID 0.9.9 and 1.2.3 allows remote attackers to execute arbitrary SQL commands via the order_by parameter.
network
low complexity
vastal CWE-89
7.5
7.5
2013-08-19 CVE-2013-5311 SQL Injection vulnerability in Vastal PHPvid 1.2.3
Multiple SQL injection vulnerabilities in Vastal I-Tech phpVID 1.2.3 allow remote attackers to execute arbitrary SQL commands via the "n" parameter to (1) browse_videos.php or (2) members.php.
network
low complexity
vastal CWE-89
7.5
7.5
2008-09-22 CVE-2008-4157 SQL Injection vulnerability in Vastal PHPvid 1.1
SQL injection vulnerability in groups.php in Vastal I-Tech phpVID 1.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter, a different vector than CVE-2007-3610.
network
low complexity
vastal CWE-89
7.5
7.5