Vulnerabilities > Webmastersite

DATE CVE VULNERABILITY TITLE RISK
2011-09-24 CVE-2011-3820 Information Exposure vulnerability in Webmastersite WSN Software 6.0.6
WSN Software 6.0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/prestart.php and certain other files.
network
low complexity
webmastersite CWE-200
5.0
5.0
2011-02-23 CVE-2011-1061 SQL Injection vulnerability in Webmastersite WSN Guest 1.24
SQL injection vulnerability in memberlist.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the time parameter.
network
low complexity
webmastersite CWE-89
7.5
7.5
2011-02-23 CVE-2011-1060 SQL Injection vulnerability in Webmastersite WSN Guest 1.24
SQL injection vulnerability in the member function in classes/member.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the wsnuser cookie to index.php.
network
low complexity
webmastersite CWE-89
7.5
7.5
2010-02-22 CVE-2010-0672 SQL Injection vulnerability in Webmastersite WSN Guest 1.02
SQL injection vulnerability in index.php in WSN Guest 1.02 allows remote attackers to execute arbitrary SQL commands via the orderlinks parameter.
network
low complexity
webmastersite CWE-89
7.5
7.5
2009-02-23 CVE-2009-0704 SQL Injection vulnerability in Webmastersite WSN Guest 1.23
SQL injection vulnerability in search.php in WSN Guest 1.23 allows remote attackers to execute arbitrary SQL commands via the search parameter in an advanced action.
network
low complexity
webmastersite CWE-89
7.5
7.5