Vulnerabilities > Yamamah > Yamamah > 1.00

DATE CVE VULNERABILITY TITLE RISK
2010-06-18 CVE-2010-2336 Information Exposure vulnerability in Yamamah 1.00
index.php in Yamamah Photo Gallery 1.00 allows remote attackers to obtain the source code of executable files within the web document root via the download parameter.
network
low complexity
yamamah CWE-200
5.0
5.0
2010-06-18 CVE-2010-2335 SQL Injection vulnerability in Yamamah 1.00
SQL injection vulnerability in index.php in Yamamah Photo Gallery 1.00, as distributed before 20100618, allows remote attackers to execute arbitrary SQL commands via the news parameter.
network
low complexity
yamamah CWE-89
7.5
7.5
2010-06-18 CVE-2010-2334 Path Traversal vulnerability in Yamamah 1.00
Directory traversal vulnerability in themes/default/download.php in Yamamah Photo Gallery 1.00, as distributed before 20100618, allows remote attackers to read arbitrary files via a ..
network
low complexity
yamamah CWE-22
5.0
5.0
2010-04-07 CVE-2010-1300 SQL Injection vulnerability in Yamamah 1.00
SQL injection vulnerability in index.php in Yamamah (aka Dove Photo Album) 1.00 allows remote attackers to execute arbitrary SQL commands via the calbums parameter.
network
low complexity
yamamah CWE-89
7.5
7.5