Vulnerabilities > Zuitu > Zuitu > 1.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-10-05 | CVE-2010-4854 | SQL Injection vulnerability in Zuitu 1.6 SQL injection vulnerability in ajax/coupon.php in Zuitu 1.6, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a consume action. | 6.8 |