Vulnerabilities > X10Media > Adult Script > 1.7
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-03-18 | CVE-2009-4730 | SQL Injection vulnerability in X10Media Adult Script 1.7 SQL injection vulnerability in report.php in x10 Adult Media Script 1.7 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2010-03-18 | CVE-2009-4729 | Cross-Site Scripting vulnerability in X10Media Adult Script 1.7 Multiple cross-site scripting (XSS) vulnerabilities in x10 Adult Media Script 1.7 allow remote attackers to inject arbitrary web script or HTML via the (1) pic_id parameter to includes/video_ad.php, (2) category parameter to linkvideos_listing.php, (3) id parameter to templates/header1.php, and (4) key parameter to video_listing.php. | 4.3 |