Vulnerabilities > Webmastersite
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-09-24 | CVE-2011-3820 | Information Exposure vulnerability in Webmastersite WSN Software 6.0.6 WSN Software 6.0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/prestart.php and certain other files. | 5.0 |
2011-02-23 | CVE-2011-1061 | SQL Injection vulnerability in Webmastersite WSN Guest 1.24 SQL injection vulnerability in memberlist.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the time parameter. | 7.5 |
2011-02-23 | CVE-2011-1060 | SQL Injection vulnerability in Webmastersite WSN Guest 1.24 SQL injection vulnerability in the member function in classes/member.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the wsnuser cookie to index.php. | 7.5 |
2010-02-22 | CVE-2010-0672 | SQL Injection vulnerability in Webmastersite WSN Guest 1.02 SQL injection vulnerability in index.php in WSN Guest 1.02 allows remote attackers to execute arbitrary SQL commands via the orderlinks parameter. | 7.5 |
2009-02-23 | CVE-2009-0704 | SQL Injection vulnerability in Webmastersite WSN Guest 1.23 SQL injection vulnerability in search.php in WSN Guest 1.23 allows remote attackers to execute arbitrary SQL commands via the search parameter in an advanced action. | 7.5 |