Vulnerabilities > Wanewsletter
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-10-09 | CVE-2010-4940 | SQL Injection vulnerability in Wanewsletter 2.1.2 SQL injection vulnerability in index.php in WAnewsletter 2.1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2007-06-01 | CVE-2007-2969 | Remote File Include vulnerability in WANewsletter Waroot Parameter PHP remote file inclusion vulnerability in newsletter.php in WAnewsletter 2.1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the waroot parameter. | 7.5 |