Vulnerabilities > VCD DB
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-09-08 | CVE-2006-4628 | HTML Injection vulnerability in VCD-DB Comments Cross-site scripting (XSS) vulnerability in VCD-db before 0.983 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors when handling comments. network vcd-db | 4.3 |
2005-12-14 | CVE-2005-4241 | Input Validation vulnerability in VCD-DB Cross-site scripting (XSS) vulnerability in the category page in VCD-db 0.98 and earlier allows remote attackers to inject arbitrary web script or HTML via the batch parameter. network vcd-db | 4.3 |
2005-12-14 | CVE-2005-4240 | Input Validation vulnerability in VCD-DB SQL injection vulnerability in search.php in VCD-db 0.98 and earlier allows remote attackers to execute arbitrary SQL commands via the by parameter. | 7.5 |