Vulnerabilities > Worms League
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-01-04 | CVE-2009-4561 | SQL Injection vulnerability in Worms-League Webleague 2.2.0 Multiple SQL injection vulnerabilities in Admin/index.php in WebLeague 2.2.0, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | 6.8 |
2010-01-04 | CVE-2009-4560 | SQL Injection vulnerability in Worms-League Webleague 2.2.0 SQL injection vulnerability in profile.php in WebLeague 2.2.0 allows remote attackers to execute arbitrary SQL commands via the name parameter. | 7.5 |