2 matches found
CVE-2018-0606
Pixelpost v1.7.3 and earlier is vulnerable to a SQL injection (CWE-89). The flaw allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. Affected product is Pixelpost versions ≤1.7.3; root cause/vectors are not detailed in the provided documents. Mitigatio...
JVN#27978559: Multiple vulnerabilities in Pixelpost
Pixelpost provided by Pixelpost.org contains multiple vulnerabilities listed below. Arbitrary code execution - CVE-2018-0604 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L| Base Score: 4.7 CVSS v2| AV:N/AC:L/Au:S/C:P/I:P/A:P| Base Score: 6.5 Cross-site...