SQL injection vulnerability in search.php in BuzzyWall 1.3.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search...
8.7AI Score
0.001EPSS
Directory traversal vulnerability in download.php in BuzzyWall 1.3.1 allows remote attackers to read arbitrary local files via a .. (dot dot) in the id...
6.5AI Score
0.02EPSS